Ruby CVE-2014-8090 Incomplete Fix XML External Entity Denial of Service Vulnerability
Ruby is prone to a denial-of-service vulnerability.
An attacker can exploit this issue to cause a denial-of-service condition.
The following versions are vulnerable:
Ruby 1.9 versions prior to 1.9.3-p551
Ruby 2.0 versions prior to 2.0.0-p598
Ruby 2.1 versions prior to 2.1.5
Note: This issue is the result of an incomplete fix for the issues described in 58141 (Ruby REXML Parser Denial of Service Vulnerability) and 70935 (Ruby CVE-2014-8080 XML External Entity Denial of Service Vulnerability).