PT-2018-3007 · Ruby · I18N Gem

Lmarlow · Published 2018-11-06 · Updated 2022-05-14 · CVE-2014-10077

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: i18n gem versions prior to 0.8.0

Description: The issue is related to a buffer overflow in the Ruby programming language interpreter. It can be exploited by a remote attacker to cause a denial of service. Specifically, the Hash#slice method in the lib/i18n/core_ext/hash.rb file of the i18n gem is vulnerable. This can be triggered when :some_key is present in keep_keys but not in the hash, leading to an application crash.

Recommendations: For versions prior to 0.8.0, update the i18n gem to version 0.8.0 or later to resolve the issue. As a temporary workaround, consider restricting the use of the Hash#slice method in situations where :some_key may not be present in the hash to minimize the risk of exploitation.
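
To act on the update recommendation, the following added example (not part of the original advisory or of the i18n project) reads a `Gemfile.lock` and reports whether the resolved i18n release predates 0.8.0. The function names and the sample lockfile are constructed for illustration.

```ruby
require "rubygems" # Gem::Version (loaded by default; explicit for clarity)

# First fixed release, taken from the advisory text above.
FIXED_VERSION = Gem::Version.new("0.8.0")

# Constructed sample Gemfile.lock (not from a real project).
SAMPLE_LOCK = <<LOCK
GEM
  remote: https://rubygems.org/
  specs:
    activesupport (4.2.11)
      i18n (~> 0.7)
    i18n (0.7.0)

PLATFORMS
  ruby

DEPENDENCIES
  activesupport
LOCK

# Collect the resolved i18n version(s) from Gemfile.lock text.
# Resolved gems sit at four spaces of indent under "specs:"; the deeper
# six-space lines are dependency constraints and are skipped.
def locked_i18n_versions(lockfile_text)
  versions = []
  in_specs = false
  lockfile_text.each_line do |line|
    if line.match?(/\A  specs:\s*\z/)
      in_specs = true
    elsif line.match?(/\A\S/)
      in_specs = false # a new top-level section (PLATFORMS, DEPENDENCIES, ...)
    elsif in_specs && (m = line.match(/\A    i18n \(([^)]+)\)\s*\z/))
      versions << Gem::Version.new(m[1]) if Gem::Version.correct?(m[1])
    end
  end
  versions
end

# True when any locked i18n release predates the fixed version.
def i18n_needs_update?(lockfile_text)
  locked_i18n_versions(lockfile_text).any? { |v| v < FIXED_VERSION }
end

if __FILE__ == $PROGRAM_NAME
  path = ARGV[0]
  text = path && File.file?(path) ? File.read(path) : SAMPLE_LOCK
  puts(i18n_needs_update?(text) ? "i18n is older than #{FIXED_VERSION}: update" : "i18n OK or not locked")
end
```

Run it with the path to a project's `Gemfile.lock` as the only argument; with no argument it checks the constructed sample.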

Exploit

Fix

DoS

RCE


Weakness Enumeration

Related identifiers

BDU:2019-03336
CVE-2014-10077
DLA-1584-1
GHSA-34HF-G744-JW64
MGASA-2018-0491

Affected products

I18N Gem