[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-MGASA-2014-0472":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":18,"duplicates":19,"related":20,"reserved_at":9,"published_at":23,"modified_at":24,"state":9,"summary":25,"references_raw":27,"kevs":56,"epss":9,"epss_history":57,"metrics":58,"affected":59},"MGASA-2014-0472","Updated ruby packages fix security vulnerabilities\n\nWill Wood discovered that Ruby incorrectly handled the encodes() function.\nAn attacker could possibly use this issue to cause Ruby to crash, resulting\nin a denial of service, or possibly execute arbitrary code. The default\ncompiler options for affected releases should reduce the vulnerability to a\ndenial of service (CVE-2014-4975).\n\nDue to an incomplete fix for CVE-2014-8080, 100% CPU utilization can occur as\na result of recursive expansion with an empty String. When reading text nodes\nfrom an XML document, the REXML parser in Ruby can be coerced into allocating\nextremely large string objects which can consume all of the memory on a\nmachine, causing a denial of service (CVE-2014-8090).\n",null,[],[],[],[14,16],{"_key":15},"CVE-2014-4975",{"_key":17},"CVE-2014-8090",[],[],[21,22],{"_key":15},{"_key":17},"2014-11-21T12:44:16Z","2026-04-16T06:26:07.444884199Z",{"cisa_kev":26,"cisa_ransomware":26,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[28,34,39,44,48,52],{"url":29,"sources":30,"tags":32},"https://advisories.mageia.org/MGASA-2014-0472.html",[31],"osv_mageia",[33],"Advisory",{"url":35,"sources":36,"tags":37},"https://bugs.mageia.org/show_bug.cgi?id=14532",[31],[38],"REPORT",{"url":40,"sources":41,"tags":42},"https://www.ruby-lang.org/en/news/2014/11/13/rexml-dos-cve-2014-8090/",[31],[38,43],"WEB",{"url":45,"sources":46,"tags":47},"https://www.ruby-lang.org/en/news/2014/11/13/ruby-1-9-3-p551-is-released/",[31],[38,43],{"url":49,"sources":50,"tags":51},"https://www.ruby-lang.org/en/news/2014/11/13/ruby-2-0-0-p598-is-released/",[31],[38,43],{"url":53,"sources":54,"tags":55},"http://www.ubuntu.com/usn/usn-2397-1/",[31],[38,43],[],[],[],[60,72],{"ecosystem":61,"name":62,"vendor":63,"product":62,"cpe_part":9,"purl_type":64,"purl_namespace":63,"purl_name":62,"source":9,"versions":65},"Mageia","ruby","mageia","rpm",[66],{"version":67,"is_range":68,"range_type":69,"version_start":9,"version_start_type":9,"version_end":70,"version_end_type":71,"fixed_in":9},"lt1_9_3_p551_1_mga3",true,"ecosystem","1.9.3.p551-1.mga3","excluding",{"ecosystem":61,"name":62,"vendor":63,"product":62,"cpe_part":9,"purl_type":64,"purl_namespace":63,"purl_name":62,"source":9,"versions":73},[74],{"version":75,"is_range":68,"range_type":69,"version_start":9,"version_start_type":9,"version_end":76,"version_end_type":71,"fixed_in":9},"lt2_0_0_p598_1_mga4","2.0.0.p598-1.mga4"]