OSVDB-114600 (curb): curb Gem for Ruby Empty http_put Body Handling Remote DoS

curb Gem for Ruby Empty http_put Body Handling Remote DoS

Published: August 12, 2010

SECURITY IDENTIFIERS

OSVDB: OSVDB-114600
Vendor Advisory: https://my.diffend.io/gems/curb/versions/0.6.4.0

GEM

curb

PATCHED VERSIONS

>= 0.7.8

DESCRIPTION

curb Gem for Ruby contains a flaw that is triggered when handling an empty http_put body. This may allow a remote attacker to crash an application linked against the library.

https://my.diffend.io/gems/curb/versions/0.6.4.0
https://my.diffend.io/gems/curb/0.7.7.1/0.7.8
http://osvdb.org/show/osvdb/114600

RubySec

OSVDB-114600 (curb): curb Gem for Ruby Empty http_put Body Handling Remote DoS

curb Gem for Ruby Empty http_put Body Handling Remote DoS

SECURITY IDENTIFIERS

GEM

PATCHED VERSIONS

DESCRIPTION

RELATED

Recent Advisories