CVE-2008-4310

WEBrick Denial of Service Vulnerability in gem/webrick

Identifiers

GHSA-wfrc-r6c6-7j9r, CVE-2008-4310

Package Slug

gem/webrick

Vulnerability

WEBrick Denial of Service Vulnerability

Description

httputils.rb in WEBrick in Ruby 1.8.1 and 1.8.5, as used in Red Hat Enterprise Linux 4 and 5, allows remote attackers to cause a denial of service (CPU consumption) via a crafted HTTP request. NOTE: this issue exists because of an incomplete fix for CVE-2008-3656.

Affected Versions

All versions before 1.3.1

Solution

Upgrade to version 1.3.1 or above.

Last Modified

2024-02-12

source