The vulnerability of the `plain_text_for_blockquote_node` function in the Action Text interpreter for Ruby allows a hacker to trigger a service failure.

The vulnerability of the plaintextforblockquotenode function in the Action Text interpreter for Ruby is related to the use of a regular expression with high computational complexity. Exploiting this vulnerability could allow an attacker to cause service interruptions remotely...

SUSE CVE-2024-47888

Action Text brings rich text content and editing to Rails. Starting in version 6.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the plaintextforblockquotenode helper in Action Text. Carefully crafted text can cause the...

DEBIAN-CVE-2024-47888

Action Text brings rich text content and editing to Rails. Starting in version 6.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the plaintextforblockquotenode helper in Action Text. Carefully crafted text can cause the...

Ruby on Rails: Action Text ReDoS (Ruby 3.1 or lower)

A vulnerability was discovered in the ActionText component of the Rails web framework for Ruby versions 3.1 and lower. The vulnerability was caused by a Regular Expression Denial of Service ReDoS issue in the plaintextforblockquotenode method. This method was used in the...