CVE-2014-9490
raven-ruby < 0.12.2 - Denial of Service via Large Exponent in Scientific Number
The numtok function in lib/raven/okjson.rb in the raven-ruby gem before 0.12.2 for Ruby allows remote attackers to cause a denial of service via a large exponent value in a scientific number.
References (4)
Patch (x_refsource_confirm): https://github.com/getsentry/raven-ruby/commit/477ee93a3f735be33bc1e726820654cdf6e22d8f
Third Party Advisory, VDB Entry (vdb-entry, x_refsource_xf): https://exchange.xforce.ibmcloud.com/vulnerabilities/99687
Mailing List (mailing-list, x_refsource_mlist): http://seclists.org/oss-sec/2015/q1/26
Mailing List (x_refsource_confirm): https://groups.google.com/forum/#%21topic/getsentry/Cz5bih0ZY1U
Scores
EPSS: 0.0073
EPSS Percentile: 73.0%
Details
CWE: CWE-399
Status: published
Products (2)
getsentry/raven-ruby: < 0.12.1
rubygems/sentry-raven: 0 - 0.12.2 (RubyGems)
Published: Jan 20, 2015
Tracked Since: Feb 18, 2026