Overview

CVE-2013-4287 (Rubygem Algorithmic Complexity DOS Vulnerability)

  • Posted October 15, 2013

  • Assessed Risk Level: Low

RubyGems validates versions with a regular expression that is vulnerable to attackers causing denial of service through CPU consumption.

Status

  • Resolved in Puppet Enterprise 3.1.0