Add CVE-2014-10077 / OSVDB-121500 for i18n (#182)

reedloden · web-flow · commit 76dc29f77ed7 · 2018-11-06T08:45:46.000-08:00
Add CVE-2014-10077 / OSVDB-121500 for i18n
diff --git a/gems/i18n/CVE-2014-10077.yml b/gems/i18n/CVE-2014-10077.yml
@@ -0,0 +1,18 @@
+---
+gem: i18n
+cve: CVE-2014-10077
+url: https://github.com/svenfuchs/i18n/pull/289
+title: i18n Gem for Ruby lib/i18n/core_ext/hash.rb Hash#slice() Function Hash Handling DoS
+date: 2014-09-27
+description: |
+  i18n Gem for Ruby contains a flaw in the Hash#slice() function in
+  lib/i18n/core_ext/hash.rb that is triggered when calling a hash when
+  :some_key is in keep_keys but not in the hash. This may allow an attacker
+  to cause the program to crash.
+
+patched_version:
+  - ">= 0.8.0"
+
+related:
+  osvdb:
+    - 121500
