Vulnerabilities > CVE-2014-9490 - Resource Management Errors vulnerability in Getsentry Raven-Ruby 0.12.1

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

getsentry

CWE-399

NVD

Published: 2015-01-20

Updated: 2023-11-07

Summary

The numtok function in lib/raven/okjson.rb in the raven-ruby gem before 0.12.2 for Ruby allows remote attackers to cause a denial of service via a large exponent value in a scientific number.

Vulnerable Configurations

Part	Description	Count
Application	Getsentry Getsentry Raven Ruby 0.12.1	1

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

References

https://github.com/getsentry/raven-ruby/commit/477ee93a3f735be33bc1e726820654cdf6e22d8f
http://seclists.org/oss-sec/2015/q1/26
https://exchange.xforce.ibmcloud.com/vulnerabilities/99687
https://groups.google.com/forum/#%21topic/getsentry/Cz5bih0ZY1U