OSVDB-114600 (curb): curb Gem for Ruby Empty http_put Body Handling Remote DoS

August 12th, 2010

ADVISORIES

OSVDB-114600
Vendor Advisory

GEM

PATCHED VERSIONS

>= 0.7.8

DESCRIPTION

curb Gem for Ruby contains a flaw that is triggered when handling an empty http_put body. This may allow a remote attacker to crash an application linked against the library.

https://my.diffend.io/gems/curb/versions/0.6.4.0
https://my.diffend.io/gems/curb/0.7.7.1/0.7.8
http://osvdb.org/show/osvdb/114600

RubySec

OSVDB-114600 (curb): curb Gem for Ruby Empty http_put Body Handling Remote DoS

ADVISORIES

GEM

PATCHED VERSIONS

DESCRIPTION

RELATED

Recent Advisories