VulnerableCode Package Details - pkg:rpm/redhat/tfm-rubygem-nokogiri@1.6.6.2-2?arch=el7sat

Search for packages

Vulnerability	Summary	Fixed by
VCID-1mw1-384y-huc7 Aliases: CVE-2013-2099	Uncontrolled Resource Consumption Algorithmic complexity vulnerability in the `ssl.match_hostname` function and unspecified versions of python-backports-ssl_match_hostname as used for older Python versions, allows remote attackers to cause a denial of service (CPU consumption) via multiple wildcard characters in the common name in a certificate.	There are no reported fixed by versions.
VCID-77c9-jb1m-6qe2 Aliases: CVE-2015-0203	qpid-cpp: 3 qpidd DoS issues in AMQP 0-10 protocol handling	There are no reported fixed by versions.
VCID-9gb8-xvrc-aqgb Aliases: CVE-2015-0223	qpid-cpp: anonymous access to qpidd cannot be prevented	There are no reported fixed by versions.
VCID-fq2t-c2nv-23ce Aliases: CVE-2015-1609	A vulnerability in MongoDB can lead to a Denial of Service condition.	There are no reported fixed by versions.
VCID-jfqz-9a6e-jff7 Aliases: CVE-2016-2100	foreman: Unprivileged user can access private bookmarks of other users	There are no reported fixed by versions.
VCID-vhxh-tpay-mbh3 Aliases: CVE-2015-0224	qpid-cpp: AMQP 0-10 protocol sequence-set maximal range DoS (incomplete CVE-2015-0203 fix)	There are no reported fixed by versions.

Vulnerability

Summary

Fixed by

VCID-1mw1-384y-huc7
Aliases:
CVE-2013-2099

Uncontrolled Resource Consumption Algorithmic complexity vulnerability in the `ssl.match_hostname` function and unspecified versions of python-backports-ssl_match_hostname as used for older Python versions, allows remote attackers to cause a denial of service (CPU consumption) via multiple wildcard characters in the common name in a certificate.