logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2021-41817

Description

Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. The fixed versions are 3.2.1, 3.1.2, 3.0.2, and 2.0.1.


Affected Software


CPE Name Name Version
ruby-lang:date ruby-lang date 3.1.2
ruby-lang:date ruby-lang date 3.0.2
ruby-lang:date ruby-lang date 2.0.1
ruby-lang:date ruby-lang date 3.2.0
ruby-lang:ruby ruby-lang ruby 3.0.3
ruby-lang:ruby ruby-lang ruby 2.7.5
ruby-lang:ruby ruby-lang ruby 2.6.9
redhat:enterprise_linux redhat enterprise linux 7.0
redhat:enterprise_linux redhat enterprise linux 8.0
redhat:software_collections redhat software collections -
fedoraproject:fedora fedoraproject fedora 34
fedoraproject:fedora fedoraproject fedora 35
debian:debian_linux debian debian linux 9.0
debian:debian_linux debian debian linux 10.0
debian:debian_linux debian debian linux 11.0
suse:linux_enterprise suse linux enterprise 12.0
suse:linux_enterprise suse linux enterprise 15.0
opensuse:factory opensuse factory -
opensuse:leap opensuse leap 15.2

Related