Lucene search
K

295 matches found

Vulnrichment
Vulnrichment
added 2024/10/16 8:55 p.m.11 views

CVE-2024-47889 Action Mailer has possible ReDoS vulnerability in block_format

Action Mailer is a framework for designing email service layers. Starting in version 3.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the blockformat helper in Action Mailer. Carefully crafted text can cause the blockformat helper to...

8.7CVSS6.8AI score0.00944EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/10/16 8:55 p.m.35 views

CVE-2024-47889 Action Mailer has possible ReDoS vulnerability in block_format

Action Mailer is a framework for designing email service layers. Starting in version 3.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the blockformat helper in Action Mailer. Carefully crafted text can cause the blockformat helper to...

8.7CVSS0.00944EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2024/10/16 8:2 p.m.14 views

CVE-2024-47887

Action Pack is a framework for handling and responding to web requests. Starting in version 4.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in Action Controller's HTTP Token authentication. For applications using HTTP Token authenticatio...

8.7CVSS5.4AI score0.01048EPSS
Exploits0
OSV
OSV
added 2024/10/16 8:2 p.m.23 views

CVE-2024-47887 Action Controller has possible ReDoS vulnerability in HTTP Token authentication

Action Pack is a framework for handling and responding to web requests. Starting in version 4.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in Action Controller's HTTP Token authentication. For applications using HTTP Token authenticatio...

8.7CVSS5.6AI score0.01048EPSS
Exploits0References7
CVE
CVE
added 2024/10/16 8:2 p.m.91 views

CVE-2024-47887

CVE-2024-47887 affects Rails Action Pack: ReDoS in Action Controller's HTTP Token authentication where a crafted header can cause header parsing to take excessive time, enabling DoS. Affected versions start at 4.0.0 up to before 6.1.7.9, 7.0.8.5, 7.1.4.1, or 7.2.1.1. Remediation: upgrade to 6.1.7...

8.7CVSS6.8AI score0.01048EPSS
Exploits0References5
NVD
NVD
added 2024/10/16 6:15 p.m.27 views

CVE-2024-41128

Action Pack is a framework for handling and responding to web requests. Starting in version 3.1.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the query parameter filtering routines of Action Dispatch. Carefully crafted query parameters...

8.7CVSS0.01103EPSS
Exploits0References7
OSV
OSV
added 2024/10/16 6:4 p.m.19 views

CVE-2024-41128 Action Dispatch has possible ReDoS vulnerability in query parameter filtering

Action Pack is a framework for handling and responding to web requests. Starting in version 3.1.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the query parameter filtering routines of Action Dispatch. Carefully crafted query parameters...

8.7CVSS5.3AI score0.01103EPSS
Exploits0References9
Vulnrichment
Vulnrichment
added 2024/10/16 6:4 p.m.26 views

CVE-2024-41128 Action Dispatch has possible ReDoS vulnerability in query parameter filtering

Action Pack is a framework for handling and responding to web requests. Starting in version 3.1.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the query parameter filtering routines of Action Dispatch. Carefully crafted query parameters...

8.7CVSS7.2AI score0.01103EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2024/10/16 6:4 p.m.16 views

CVE-2024-41128

Action Pack is a framework for handling and responding to web requests. Starting in version 3.1.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the query parameter filtering routines of Action Dispatch. Carefully crafted query parameters...

8.7CVSS5.3AI score0.01103EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2024/10/15 11:35 p.m.22 views

Possible ReDoS vulnerability in block_format in Action Mailer

There is a possible ReDoS vulnerability in the blockformat helper in Action Mailer. This vulnerability has been assigned the CVE identifier CVE-2024-47889. Impact ------ Carefully crafted text can cause the blockformat helper to take an unexpected amount of time, possibly resulting in a DoS...

8.7CVSS9.3AI score0.00944EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2024/10/15 11:35 p.m.28 views

Possible ReDoS vulnerability in plain_text_for_blockquote_node in Action Text

There is a possible ReDoS vulnerability in the plaintextforblockquotenode helper in Action Text. This vulnerability has been assigned the CVE identifier CVE-2024-47888. Impact ------ Carefully crafted text can cause the plaintextforblockquotenode helper to take an unexpected amount of time,...

8.7CVSS7.2AI score0.00991EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2024/10/15 11:35 p.m.17 views

Possible ReDoS vulnerability in HTTP Token authentication in Action Controller

There is a possible ReDoS vulnerability in Action Controller's HTTP Token authentication. This vulnerability has been assigned the CVE identifier CVE-2024-47887. Impact ------ For applications using HTTP Token authentication via authenticateorrequestwithhttptoken or similar, a carefully crafted...

8.7CVSS7.5AI score0.01048EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2024/10/15 11:35 p.m.22 views

GHSA-VFG9-R3FQ-JVX4 Possible ReDoS vulnerability in HTTP Token authentication in Action Controller

There is a possible ReDoS vulnerability in Action Controller's HTTP Token authentication. This vulnerability has been assigned the CVE identifier CVE-2024-47887. Impact ------ For applications using HTTP Token authentication via authenticateorrequestwithhttptoken or similar, a carefully crafted...

8.7CVSS5.5AI score0.01048EPSS
Exploits0References3
OSV
OSV
added 2024/10/15 11:35 p.m.15 views

GHSA-X76W-6VJR-8XGJ Possible ReDoS vulnerability in query parameter filtering in Action Dispatch

There is a possible ReDoS vulnerability in the query parameter filtering routines of Action Dispatch. This vulnerability has been assigned the CVE identifier CVE-2024-41128. Impact ------ Carefully crafted query parameters can cause query parameter filtering to take an unexpected amount of time,...

8.7CVSS5.4AI score0.01103EPSS
Exploits0References10
Github Security Blog
Github Security Blog
added 2024/10/15 11:35 p.m.21 views

Possible ReDoS vulnerability in query parameter filtering in Action Dispatch

There is a possible ReDoS vulnerability in the query parameter filtering routines of Action Dispatch. This vulnerability has been assigned the CVE identifier CVE-2024-41128. Impact ------ Carefully crafted query parameters can cause query parameter filtering to take an unexpected amount of time,...

8.7CVSS7.2AI score0.01103EPSS
Exploits0References10Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2024/10/15 12:0 a.m.27 views

Possible ReDoS vulnerability in plain_text_for_blockquote_node in Action Text

There is a possible ReDoS vulnerability in the plaintextforblockquotenode helper in Action Text. This vulnerability has been assigned the CVE identifier CVE-2024-47888. Impact ------ Carefully crafted text can cause the plaintextforblockquotenode helper to take an unexpected amount of time,...

8.7CVSS7AI score0.00991EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2024/10/15 12:0 a.m.30 views

Possible ReDoS vulnerability in block_format in Action Mailer

There is a possible ReDoS vulnerability in the blockformat helper in Action Mailer. This vulnerability has been assigned the CVE identifier CVE-2024-47889. Impact ------ Carefully crafted text can cause the blockformat helper to take an unexpected amount of time, possibly resulting in a DoS...

8.7CVSS9.3AI score0.00944EPSS
Exploits0References5Affected Software1
RubySec
RubySec
added 2024/10/15 12:0 a.m.16 views

Possible ReDoS vulnerability in block_format in Action Mailer

There is a possible ReDoS vulnerability in the blockformat helper in Action Mailer. This vulnerability has been assigned the CVE identifier CVE-2024-47889. Impact Carefully crafted text can cause the blockformat helper to take an unexpected amount of time, possibly resulting in a DoS vulnerabilit...

8.7CVSS6.9AI score0.00944EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2024/10/15 12:0 a.m.20 views

Possible ReDoS vulnerability in plain_text_for_blockquote_node in Action Text

There is a possible ReDoS vulnerability in the plaintextforblockquotenode helper in Action Text. This vulnerability has been assigned the CVE identifier CVE-2024-47888. Impact Carefully crafted text can cause the plaintextforblockquotenode helper to take an unexpected amount of time, possibly...

8.7CVSS6.9AI score0.00991EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2024/10/15 12:0 a.m.21 views

Possible ReDoS vulnerability in query parameter filtering in Action Dispatch

There is a possible ReDoS vulnerability in the query parameter filtering routines of Action Dispatch. This vulnerability has been assigned the CVE identifier CVE-2024-41128. Impact Carefully crafted query parameters can cause query parameter filtering to take an unexpected amount of time, possibl...

8.7CVSS6.9AI score0.01103EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder