vulnerability

Ubuntu: (CVE-2014-10077): ruby-i18n vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:N/I:N/A:P)	Nov 6, 2018	Nov 19, 2024	Aug 19, 2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:P)

Published

Nov 6, 2018

Added

Nov 19, 2024

Modified

Aug 19, 2025

Description

Hash#slice in lib/i18n/core_ext/hash.rb in the i18n gem before 0.8.0 for Ruby allows remote attackers to cause a denial of service (application crash) via a call in a situation where :some_key is present in keep_keys but not present in the hash.

Solution

ubuntu-pro-upgrade-ruby-i18n

References

CVE-2014-10077
https://attackerkb.com/topics/CVE-2014-10077
CWE-20
URL-https://github.com/rubysec/ruby-advisory-db/pull/182/files
URL-https://github.com/svenfuchs/i18n/pull/289
URL-https://github.com/svenfuchs/i18n/releases/tag/v0.8.0
URL-https://www.cve.org/CVERecord?id=CVE-2014-10077

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today