Ruby Information for VU#903934

Hash table implementations vulnerable to algorithmic complexity attacks



Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

According to the n.runs AG advisory:
"CRuby and JRuby provide updates for this issue with a randomized hash function (CRuby 1.8.7-p357, JRuby, CVE-2011-4815)."

Vendor References


There are no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.