漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
In the CGI gem before 0.4.2 for Ruby, the CGI::Cookie.parse method in the CGI library contains a potential Denial of Service (DoS) vulnerability. The method does not impose any limit on the length of the raw cookie value it processes. This oversight can lead to excessive resource consumption when parsing extremely large cookies.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
Vulnerability Type
不加限制或调节的资源分配
Vulnerability Title
Ruby 安全漏洞
Vulnerability Description
Ruby是松本行弘(Yukihiro Matsumoto)个人开发者的一种跨平台、面向对象的动态类型编程语言。 Ruby 0.4.2之前版本存在安全漏洞,该漏洞源于CGI::Cookie.parse方法未限制原始cookie值长度,可能导致拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A