RubySec

Providing security resources for the Ruby community

OSVDB-94679 (enum_column3): enum_column3 Gem for Ruby Symbol Creation Remote DoS

ADVISORIES

  • OSVDB-94679

GEM

enum_column3

PATCHED VERSIONS

None.

DESCRIPTION

The enum_column3 Gem for Ruby contains a flaw that may allow a remote denial of service. The issue is due to the program typecasting unexpected strings to symbols. This may allow a remote attacker to crash the program.