GHSA-wfrc-r6c6-7j9r
Suggest an improvement- Source
- https://github.com/advisories/GHSA-wfrc-r6c6-7j9r
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-wfrc-r6c6-7j9r/GHSA-wfrc-r6c6-7j9r.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-wfrc-r6c6-7j9r
- Aliases
-
- CVE-2008-4310
- Published
- 2022-05-02T00:08:51Z
- Modified
- 2024-02-09T21:52:33Z
- Summary
- WEBrick Denial of Service Vulnerability
- Details
-
httputils.rb in WEBrick in Ruby 1.8.1 and 1.8.5, as used in Red Hat Enterprise Linux 4 and 5, allows remote attackers to cause a denial of service (CPU consumption) via a crafted HTTP request. NOTE: this issue exists because of an incomplete fix for CVE-2008-3656.
- Database specific
{ "nvd_published_at": "2008-12-09T00:30:00Z", "cwe_ids": [ "CWE-400" ], "severity": "HIGH", "github_reviewed": true, "github_reviewed_at": "2024-02-09T18:36:15Z" }- References
-
- https://nvd.nist.gov/vuln/detail/CVE-2008-4310
- https://github.com/ruby/webrick/commit/b2ccd5ff7ddd67a4548299e110dcc5a4728a5534
- https://bugzilla.redhat.com/show_bug.cgi?id=470252
- https://github.com/ruby/webrick
- https://github.com/rubysec/ruby-advisory-db/blob/master/gems/webrick/CVE-2008-4310.yml
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10250
- https://web.archive.org/web/20111230125610/http://secunia.com/advisories/33013
- http://www.openwall.com/lists/oss-security/2008/12/04/2
- http://www.redhat.com/support/errata/RHSA-2008-0981.html
Affected packages
RubyGems / webrick
Package
- Name
- webrick
- Purl
- pkg:gem/webrick