295 matches found
CVE-2024-47889 Action Mailer has possible ReDoS vulnerability in block_format
Action Mailer is a framework for designing email service layers. Starting in version 3.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the blockformat helper in Action Mailer. Carefully crafted text can cause the blockformat helper to...
CVE-2024-47889 Action Mailer has possible ReDoS vulnerability in block_format
Action Mailer is a framework for designing email service layers. Starting in version 3.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the blockformat helper in Action Mailer. Carefully crafted text can cause the blockformat helper to...
CVE-2024-47887
Action Pack is a framework for handling and responding to web requests. Starting in version 4.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in Action Controller's HTTP Token authentication. For applications using HTTP Token authenticatio...
CVE-2024-47887 Action Controller has possible ReDoS vulnerability in HTTP Token authentication
Action Pack is a framework for handling and responding to web requests. Starting in version 4.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in Action Controller's HTTP Token authentication. For applications using HTTP Token authenticatio...
CVE-2024-47887
CVE-2024-47887 affects Rails Action Pack: ReDoS in Action Controller's HTTP Token authentication where a crafted header can cause header parsing to take excessive time, enabling DoS. Affected versions start at 4.0.0 up to before 6.1.7.9, 7.0.8.5, 7.1.4.1, or 7.2.1.1. Remediation: upgrade to 6.1.7...
CVE-2024-41128
Action Pack is a framework for handling and responding to web requests. Starting in version 3.1.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the query parameter filtering routines of Action Dispatch. Carefully crafted query parameters...
CVE-2024-41128 Action Dispatch has possible ReDoS vulnerability in query parameter filtering
Action Pack is a framework for handling and responding to web requests. Starting in version 3.1.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the query parameter filtering routines of Action Dispatch. Carefully crafted query parameters...
CVE-2024-41128 Action Dispatch has possible ReDoS vulnerability in query parameter filtering
Action Pack is a framework for handling and responding to web requests. Starting in version 3.1.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the query parameter filtering routines of Action Dispatch. Carefully crafted query parameters...
CVE-2024-41128
Action Pack is a framework for handling and responding to web requests. Starting in version 3.1.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the query parameter filtering routines of Action Dispatch. Carefully crafted query parameters...
Possible ReDoS vulnerability in block_format in Action Mailer
There is a possible ReDoS vulnerability in the blockformat helper in Action Mailer. This vulnerability has been assigned the CVE identifier CVE-2024-47889. Impact ------ Carefully crafted text can cause the blockformat helper to take an unexpected amount of time, possibly resulting in a DoS...
Possible ReDoS vulnerability in plain_text_for_blockquote_node in Action Text
There is a possible ReDoS vulnerability in the plaintextforblockquotenode helper in Action Text. This vulnerability has been assigned the CVE identifier CVE-2024-47888. Impact ------ Carefully crafted text can cause the plaintextforblockquotenode helper to take an unexpected amount of time,...
Possible ReDoS vulnerability in HTTP Token authentication in Action Controller
There is a possible ReDoS vulnerability in Action Controller's HTTP Token authentication. This vulnerability has been assigned the CVE identifier CVE-2024-47887. Impact ------ For applications using HTTP Token authentication via authenticateorrequestwithhttptoken or similar, a carefully crafted...
GHSA-VFG9-R3FQ-JVX4 Possible ReDoS vulnerability in HTTP Token authentication in Action Controller
There is a possible ReDoS vulnerability in Action Controller's HTTP Token authentication. This vulnerability has been assigned the CVE identifier CVE-2024-47887. Impact ------ For applications using HTTP Token authentication via authenticateorrequestwithhttptoken or similar, a carefully crafted...
GHSA-X76W-6VJR-8XGJ Possible ReDoS vulnerability in query parameter filtering in Action Dispatch
There is a possible ReDoS vulnerability in the query parameter filtering routines of Action Dispatch. This vulnerability has been assigned the CVE identifier CVE-2024-41128. Impact ------ Carefully crafted query parameters can cause query parameter filtering to take an unexpected amount of time,...
Possible ReDoS vulnerability in query parameter filtering in Action Dispatch
There is a possible ReDoS vulnerability in the query parameter filtering routines of Action Dispatch. This vulnerability has been assigned the CVE identifier CVE-2024-41128. Impact ------ Carefully crafted query parameters can cause query parameter filtering to take an unexpected amount of time,...
Possible ReDoS vulnerability in plain_text_for_blockquote_node in Action Text
There is a possible ReDoS vulnerability in the plaintextforblockquotenode helper in Action Text. This vulnerability has been assigned the CVE identifier CVE-2024-47888. Impact ------ Carefully crafted text can cause the plaintextforblockquotenode helper to take an unexpected amount of time,...
Possible ReDoS vulnerability in block_format in Action Mailer
There is a possible ReDoS vulnerability in the blockformat helper in Action Mailer. This vulnerability has been assigned the CVE identifier CVE-2024-47889. Impact ------ Carefully crafted text can cause the blockformat helper to take an unexpected amount of time, possibly resulting in a DoS...
Possible ReDoS vulnerability in block_format in Action Mailer
There is a possible ReDoS vulnerability in the blockformat helper in Action Mailer. This vulnerability has been assigned the CVE identifier CVE-2024-47889. Impact Carefully crafted text can cause the blockformat helper to take an unexpected amount of time, possibly resulting in a DoS vulnerabilit...
Possible ReDoS vulnerability in plain_text_for_blockquote_node in Action Text
There is a possible ReDoS vulnerability in the plaintextforblockquotenode helper in Action Text. This vulnerability has been assigned the CVE identifier CVE-2024-47888. Impact Carefully crafted text can cause the plaintextforblockquotenode helper to take an unexpected amount of time, possibly...
Possible ReDoS vulnerability in query parameter filtering in Action Dispatch
There is a possible ReDoS vulnerability in the query parameter filtering routines of Action Dispatch. This vulnerability has been assigned the CVE identifier CVE-2024-41128. Impact Carefully crafted query parameters can cause query parameter filtering to take an unexpected amount of time, possibl...