CVE-2011-4838

JRuby before 1.6.5.1 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.
Configurations

Configuration 1 (hide)

cpe:2.3:a:jruby:jruby:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2011-12-30 01:55

Updated : 2024-02-28 11:41


NVD link : CVE-2011-4838

Mitre link : CVE-2011-4838

CVE.ORG link : CVE-2011-4838


JSON object : View

Products Affected

jruby

  • jruby
CWE
CWE-400

Uncontrolled Resource Consumption