Lucene search
K

13 matches found

Hacker One
Hacker One
added 2024/04/03 9:25 p.m.36 views

Internet Bug Bounty: [CVE-2024-26142] ReDoS vulnerability in Accept header parsing in Action Dispatch

A ReDoS vulnerability was discovered in the Accept header parsing in Action Dispatch. The vulnerability was assigned the CVE identifier CVE-2024-26142. Affected versions were 7.1.0 to 7.1.3, while versions prior to 7.1.0 and 7.1.3.1 and later were not affected. The vulnerability was reported and ...

7.5CVSS6.3AI score0.01498EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2024/02/29 3:37 a.m.5 views

SUSE CVE-2024-26142

Rails is a web-application framework. Starting in version 7.1.0, there is a possible ReDoS vulnerability in the Accept header parsing routines of Action Dispatch. This vulnerability is patched in 7.1.3.1. Ruby 3.2 has mitigations for this problem, so Rails applications using Ruby 3.2 or newer are...

7.5CVSS6.9AI score0.01498EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2024/02/27 9:41 p.m.32 views

Rails has possible ReDoS vulnerability in Accept header parsing in Action Dispatch

Possible ReDoS vulnerability in Accept header parsing in Action Dispatch There is a possible ReDoS vulnerability in the Accept header parsing routines of Action Dispatch. This vulnerability has been assigned the CVE identifier CVE-2024-26142. Versions Affected: = 7.1.0, 7.1.3.1 Not affected: 7.1....

7.5CVSS6.8AI score0.01498EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2024/02/27 9:41 p.m.42 views

GHSA-JJHX-JHVP-74WQ Rails has possible ReDoS vulnerability in Accept header parsing in Action Dispatch

Possible ReDoS vulnerability in Accept header parsing in Action Dispatch There is a possible ReDoS vulnerability in the Accept header parsing routines of Action Dispatch. This vulnerability has been assigned the CVE identifier CVE-2024-26142. Versions Affected: = 7.1.0, 7.1.3.1 Not affected: 7.1....

7.5CVSS6.3AI score0.01498EPSS
Exploits0References6
NVD
NVD
added 2024/02/27 4:15 p.m.60 views

CVE-2024-26142

Rails is a web-application framework. Starting in version 7.1.0, there is a possible ReDoS vulnerability in the Accept header parsing routines of Action Dispatch. This vulnerability is patched in 7.1.3.1. Ruby 3.2 has mitigations for this problem, so Rails applications using Ruby 3.2 or newer are...

7.5CVSS7.5AI score0.01498EPSS
Exploits0References5
Prion
Prion
added 2024/02/27 4:15 p.m.18 views

Design/Logic Flaw

Rails is a web-application framework. Starting in version 7.1.0, there is a possible ReDoS vulnerability in the Accept header parsing routines of Action Dispatch. This vulnerability is patched in 7.1.3.1. Ruby 3.2 has mitigations for this problem, so Rails applications using Ruby 3.2 or newer are...

5CVSS7AI score0.01498EPSS
Exploits0References4
OSV
OSV
added 2024/02/27 4:15 p.m.3 views

UBUNTU-CVE-2024-26142

Rails is a web-application framework. Starting in version 7.1.0, there is a possible ReDoS vulnerability in the Accept header parsing routines of Action Dispatch. This vulnerability is patched in 7.1.3.1. Ruby 3.2 has mitigations for this problem, so Rails applications using Ruby 3.2 or newer are...

7.5CVSS6AI score0.01498EPSS
Exploits0References7
Cvelist
Cvelist
added 2024/02/27 3:25 p.m.66 views

CVE-2024-26142 Rails possible ReDoS vulnerability in Accept header parsing in Action Dispatch

Rails is a web-application framework. Starting in version 7.1.0, there is a possible ReDoS vulnerability in the Accept header parsing routines of Action Dispatch. This vulnerability is patched in 7.1.3.1. Ruby 3.2 has mitigations for this problem, so Rails applications using Ruby 3.2 or newer are...

7.5CVSS7.7AI score0.01498EPSS
Exploits0References5
OSV
OSV
added 2024/02/27 3:25 p.m.37 views

CVE-2024-26142 Rails possible ReDoS vulnerability in Accept header parsing in Action Dispatch

Rails is a web-application framework. Starting in version 7.1.0, there is a possible ReDoS vulnerability in the Accept header parsing routines of Action Dispatch. This vulnerability is patched in 7.1.3.1. Ruby 3.2 has mitigations for this problem, so Rails applications using Ruby 3.2 or newer are...

7.5CVSS6.5AI score0.01498EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2024/02/27 3:25 p.m.17 views

CVE-2024-26142 Rails possible ReDoS vulnerability in Accept header parsing in Action Dispatch

Rails is a web-application framework. Starting in version 7.1.0, there is a possible ReDoS vulnerability in the Accept header parsing routines of Action Dispatch. This vulnerability is patched in 7.1.3.1. Ruby 3.2 has mitigations for this problem, so Rails applications using Ruby 3.2 or newer are...

7.5CVSS7.1AI score0.01498EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2024/02/27 3:25 p.m.18 views

CVE-2024-26142

Rails is a web-application framework. Starting in version 7.1.0, there is a possible ReDoS vulnerability in the Accept header parsing routines of Action Dispatch. This vulnerability is patched in 7.1.3.1. Ruby 3.2 has mitigations for this problem, so Rails applications using Ruby 3.2 or newer are...

7.5CVSS6.5AI score0.01498EPSS
Exploits0
CNNVD
CNNVD
added 2024/02/27 12:0 a.m.41 views

Rails Security Vulnerabilities

Rails is a Ruby-based open source web application framework from the Rails team. A security vulnerability exists in Rails versions prior to 7.1.0 through 7.1.3.1, which stems from a Regular Expression Denial of Service ReDoS vulnerability in the Accept header parsing routine of Action Dispatch...

7.5CVSS6.7AI score0.01498EPSS
Exploits0References5
RubySec
RubySec
added 2024/02/21 12:0 a.m.21 views

Possible ReDoS vulnerability in Accept header parsing in Action Dispatch

There is a possible ReDoS vulnerability in the Accept header parsing routines of Action Dispatch. This vulnerability has been assigned the CVE identifier CVE-2024-26142. Versions Affected: = 7.1.0, 7.1.3.1 Not affected: 7.1.0 Fixed Versions: 7.1.3.1 Impact Carefully crafted Accept headers can cau...

7.5CVSS7AI score0.01498EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder