Search for packages
| purl | pkg:gem/rubygems-update@1.9 |
| Tags | Ghost |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-k2ga-fgvp-5qc7
Aliases: CVE-2013-4287 GHSA-9j7m-rjqx-48vh OSV-97163 |
Cryptographic Issues Algorithmic complexity vulnerability in Gem::Version::VERSION_PATTERN in lib/rubygems/version.rb in RubyGems allows remote attackers to cause a denial of service (CPU consumption) via a crafted gem version that triggers a large amount of backtracking in a regular expression. |
Affected by 9 other vulnerabilities. Affected by 9 other vulnerabilities. Affected by 9 other vulnerabilities. Affected by 8 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T15:18:35.139253+00:00 | Ruby Importer | Affected by | VCID-k2ga-fgvp-5qc7 | https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rubygems-update/CVE-2013-4287.yml | 38.0.0 |