CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

14168 matches found

OSV•added 2024/10/16 8:31 p.m.•28 views

CVE-2024-47888 Action Text has possible ReDoS vulnerability in plain_text_for_blockquote_node

Action Text brings rich text content and editing to Rails. Starting in version 6.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the plaintextforblockquotenode helper in Action Text. Carefully crafted text can cause the...

8.7CVSS5.3AI score0.00476EPSS

Exploits0References7

Debian CVE•added 2024/10/16 8:31 p.m.•12 views

CVE-2024-47888

8.7CVSS5.3AI score0.00476EPSS

Exploits0

CVE•added 2024/10/16 8:31 p.m.•80 views

CVE-2024-47888

CVE-2024-47888 – Action Text ReDoS vulnerability in Rails/Action Text: the plain_text_for_blockquote_node helper can be exploited to cause excessive processing time, leading to DoS. Affected range: Rails 6.0.0 and later, up to but not including the fixed releases 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7....

8.7CVSS6.4AI score0.00476EPSS

Exploits0References5

Cvelist•added 2024/10/16 8:31 p.m.•19 views

CVE-2024-47888 Action Text has possible ReDoS vulnerability in plain_text_for_blockquote_node

8.7CVSS0.00476EPSS

Exploits0References5

Vulnrichment•added 2024/10/16 8:31 p.m.•15 views

CVE-2024-47888 Action Text has possible ReDoS vulnerability in plain_text_for_blockquote_node

8.7CVSS6.8AI score0.00476EPSS

Exploits0References5

NVD•added 2024/10/16 8:15 p.m.•24 views

CVE-2024-47887

Action Pack is a framework for handling and responding to web requests. Starting in version 4.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in Action Controller's HTTP Token authentication. For applications using HTTP Token authenticatio...

8.7CVSS0.00273EPSS

Exploits0References5

OSV•added 2024/10/16 8:15 p.m.•0 views

UBUNTU-CVE-2024-47887

8.7CVSS6.4AI score0.00273EPSS

Exploits0References8

CVE•added 2024/10/16 8:2 p.m.•85 views

CVE-2024-47887

CVE-2024-47887 affects Rails Action Pack: ReDoS in Action Controller's HTTP Token authentication where a crafted header can cause header parsing to take excessive time, enabling DoS. Affected versions start at 4.0.0 up to before 6.1.7.9, 7.0.8.5, 7.1.4.1, or 7.2.1.1. Remediation: upgrade to 6.1.7...

8.7CVSS6.8AI score0.00273EPSS

Exploits0References5

Cvelist•added 2024/10/16 8:2 p.m.•25 views

CVE-2024-47887 Action Controller has possible ReDoS vulnerability in HTTP Token authentication

8.7CVSS0.00273EPSS

Exploits0References5

Debian CVE•added 2024/10/16 8:2 p.m.•12 views

CVE-2024-47887

8.7CVSS5.4AI score0.00273EPSS

Exploits0

Vulnrichment•added 2024/10/16 8:2 p.m.•14 views

CVE-2024-47887 Action Controller has possible ReDoS vulnerability in HTTP Token authentication

8.7CVSS7.1AI score0.00273EPSS

Exploits0References5

OSV•added 2024/10/16 8:2 p.m.•20 views

CVE-2024-47887 Action Controller has possible ReDoS vulnerability in HTTP Token authentication

8.7CVSS5.6AI score0.00273EPSS

Exploits0References7

OSV•added 2024/10/16 6:15 p.m.•2 views

DEBIAN-CVE-2024-41128

Action Pack is a framework for handling and responding to web requests. Starting in version 3.1.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the query parameter filtering routines of Action Dispatch. Carefully crafted query parameters...

8.7CVSS5.3AI score0.00557EPSS

Exploits0References1

NVD•added 2024/10/16 6:15 p.m.•18 views

CVE-2024-41128

8.7CVSS0.00557EPSS

Exploits0References7

OSV•added 2024/10/16 6:15 p.m.•1 views

UBUNTU-CVE-2024-41128

8.7CVSS6.4AI score0.00557EPSS

Exploits0References10

Debian CVE•added 2024/10/16 6:4 p.m.•14 views

CVE-2024-41128