4 matches found
DEBIAN-CVE-2021-41817
Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS regular expression Denial of Service via a long string. The fixed versions are 3.2.1, 3.1.2, 3.0.2, and 2.0.1...
Regular Expression Denial of Service (ReDoS)
Overview date is a subclass of Object includes Comparable module for handling dates. Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS. Date’s parsing methods including Date.parse are using regular expressions internally, some of which are vulnerable...
Mozilla: Out of bound read in Date.parse()
Due to confusion processing a hyphen character in Date.parse, a one-byte out of bounds read could have occurred, leading to potential information disclosure. This vulnerability affects Firefox 78...
Mozilla Firefox Buffer Overflow Vulnerability (CNVD-2020-44565)
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A buffer overflow vulnerability exists in Date.parse in versions prior to Mozilla Firefox 78. An attacker can exploit this vulnerability to obtain sensitive information...