RubyFlow The Ruby and Rails community linklog

Heap Overflow in Floating Point Parsing (CVE-2013-4164). Fixed in 1.9.3-p484 and 2.0.0-p353.

by postmodern
There is an overflow in floating point number parsing in Ruby. This vulnerability has been assigned the CVE identifier CVE-2013-4164. All users are recommended to upgrade to Ruby 1.9.3 patchlevel 484, ruby 2.0.0 patchlevel 353 or ruby 2.1.0 preview2.

Post a comment

You can use basic HTML markup (e.g. <a>) or Markdown.

As you are not logged in, you will be
directed via GitHub to signup or sign in