{"url":"http://public2.vulnerablecode.io/api/packages/52134?format=json","purl":"pkg:gem/sentry-raven@0.12.2","type":"gem","namespace":"","name":"sentry-raven","version":"0.12.2","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37795?format=json","vulnerability_id":"VCID-rrya-61c7-gkfq","summary":"Denial of Service\nSentry raven-ruby contains a flaw in the lib/raven/okjson.rb script that is triggered when large numeric values are stored as an exponent or in scientific notation. With a specially crafted request, an attacker can cause the software to consume excessive resources resulting in a denial of service.","references":[{"reference_url":"http://osvdb.org/show/osvdb/115654","reference_id":"","reference_type":"","scores":[],"url":"http://osvdb.org/show/osvdb/115654"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/52134?format=json","purl":"pkg:gem/sentry-raven@0.12.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/sentry-raven@0.12.2"}],"aliases":["CVE-2014-9490"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rrya-61c7-gkfq"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/sentry-raven@0.12.2"}