13 matches found
ruby4.0-rubygem-globalid-1.2.1-1.9 on GA media (moderate)
ruby4.0-rubygem-globalid-1.2.1-1.9 on GA media Announcement ID: openSUSE-SU-2026:10347-1 Rating: moderate Cross-References: CVE-2023-22799 CVSS scores: CVE-2023-22799 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Tumbleweed An update that solves one...
ruby3.4-rubygem-globalid-1.2.1-1.7 on GA media (moderate)
ruby3.4-rubygem-globalid-1.2.1-1.7 on GA media Announcement ID: openSUSE-SU-2025:15116-1 Rating: moderate Cross-References: CVE-2023-22799 CVSS scores: CVE-2023-22799 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Tumbleweed An update that solves one...
Linux Distros Unpatched Vulnerability : CVE-2023-22799
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A ReDoS based DoS vulnerability in the GlobalID 1.0.1 which could allow an attacker supplying a carefully crafted input can cause the regular expression engine ...
openSUSE: Security Advisory for rubygem (SUSE-SU-2023:0328-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Internet Bug Bounty: [CVE-2023-22799] Possible ReDoS based DoS vulnerability in GlobalID
A ReDoS-based DoS vulnerability was discovered in the GlobalID gem, affecting versions 0.2.1 and above. Crafted input could cause the regular expression engine to consume excessive processing time, leading to a denial of service. The issue has been fixed in version 1.0.1...
OESA-2023-1112 rubygem-globalid security update
URIs for your models makes it easy to pass references around. Security Fixes: A ReDoS based DoS vulnerability in the GlobalID 1.0.1 which could allow an attacker supplying a carefully crafted input can cause the regular expression engine to take an unexpected amount of time. All users running an...
OESA-2023-1100 rubygem-globalid security update
URIs for your models makes it easy to pass references around. Security Fixes: A ReDoS based DoS vulnerability in the GlobalID 1.0.1 which could allow an attacker supplying a carefully crafted input can cause the regular expression engine to take an unexpected amount of time. All users running an...
SUSE SLES15 / openSUSE 15 Security Update : rubygem-globalid (SUSE-SU-2023:0328-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:0328-1 advisory. - CVE-2023-22799: Fixed ReDoS vulnerability bsc1207587. Tenable has extracted the preceding description block directly from the SUSE...
SUSE-SU-2023:0328-1 Security update for rubygem-globalid
This update for rubygem-globalid fixes the following issues: - CVE-2023-22799: Fixed ReDoS vulnerability bsc1207587...
CVE-2023-22799
CVE-2023-22799 describes a ReDoS-based DoS in the Ruby GlobalID gem prior to 1.0.1. The vulnerability arises from a crafted input causing the regular expression engine to take excessive time, potentially impacting availability for systems using GlobalID
GHSA-23C2-GWP5-PXW9 ReDoS based DoS vulnerability in GlobalID
There is a ReDoS based DoS vulnerability in the GlobalID gem. This vulnerability has been assigned the CVE identifier CVE-2023-22799. Versions Affected: = 0.2.1 Not affected: NOTAFFECTED Fixed Versions: 1.0.1 Impact There is a possible DoS vulnerability in the model name parsing section of the...
ReDoS based DoS vulnerability in GlobalID
There is a ReDoS based DoS vulnerability in the GlobalID gem. This vulnerability has been assigned the CVE identifier CVE-2023-22799. Versions Affected: = 0.2.1 Not affected: NOTAFFECTED Fixed Versions: 1.0.1 Impact There is a possible DoS vulnerability in the model name parsing section of the...
ReDoS based DoS vulnerability in GlobalID
There is a ReDoS based DoS vulnerability in the GlobalID gem. This vulnerability has been assigned the CVE identifier CVE-2023-22799. Versions Affected: = 0.2.1 Not affected: 0.2.1 Fixed Versions: 1.0.1 Impact There is a possible DoS vulnerability in the model name parsing section of the GlobalID...