EUVD-2024-3051

Malicious code in bioql PyPI...

BIT-RAILS-2024-47889 Action Mailer has possible ReDoS vulnerability in block_format

Action Mailer is a framework for designing email service layers. Starting in version 3.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the blockformat helper in Action Mailer. Carefully crafted text can cause the blockformat helper to...

OESA-2024-2383 rubygem-actionmailer security update

Email on Rails. Compose, deliver, and test emails using the familiar controller/view pattern. First-class support for multipart email and attachments. Security Fixes: Action Mailer is a framework for designing email service layers. Starting in version 3.0.0 and prior to versions 6.1.7.9, 7.0.8.5,...

Security update for rubygem-actionmailer-5_1

This update for rubygem-actionmailer-51 fixes the following issues: CVE-2024-47889: Fixed Possible ReDoS vulnerability in blockformat in Action Mailer bsc1231723. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

actionmailer Ruby Library 3.x < 6.1.7.9 / 7.0.x < 7.0.8.5 / 7.1.x < 7.1.4.1 / 7.2.x < 7.2.1.1 DoS (CVE-2024-47889)

The version of the actionmailer Ruby library installed on the remote host is 3.x prior to 6.1.7.9, 7.0.x prior to 7.0.8.5, 7.1.x prior to 7.1.4.1 or 7.2.x prior to 7.2.1.1. It is, therefore, affected by a denial of service DoS vulnerability. The vulnerability lies in the blockformat helper of...

CVE-2024-47889

Action Mailer is a framework for designing email service layers. Starting in version 3.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the blockformat helper in Action Mailer. Carefully crafted text can cause the blockformat helper to...

CVE-2024-47889

Action Mailer is a framework for designing email service layers. Starting in version 3.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the blockformat helper in Action Mailer. Carefully crafted text can cause the blockformat helper to...

CVE-2024-47889 Action Mailer has possible ReDoS vulnerability in block_format

Action Mailer is a framework for designing email service layers. Starting in version 3.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the blockformat helper in Action Mailer. Carefully crafted text can cause the blockformat helper to...

CVE-2024-47889

CVE-2024-47889 – Action Mailer ReDoS (Rails) : Action Mailer’s block_format helper is vulnerable to a ReDoS (regular-expression denial of service) in affected releases. Text crafted to trigger pathological regex handling can cause unusually long processing times, yielding a DoS. Affected Rails re...

CVE-2024-47889 Action Mailer has possible ReDoS vulnerability in block_format

Action Mailer is a framework for designing email service layers. Starting in version 3.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the blockformat helper in Action Mailer. Carefully crafted text can cause the blockformat helper to...

CVE-2024-47889 Action Mailer has possible ReDoS vulnerability in block_format

Action Mailer is a framework for designing email service layers. Starting in version 3.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the blockformat helper in Action Mailer. Carefully crafted text can cause the blockformat helper to...

CVE-2024-47889

A flaw was found in the rubygem actionmailer. Carefully crafted text can cause the blockformat helper to take an unexpected amount of time, possibly resulting in a denial of service. Mitigation Users can avoid calling the blockformat helper or upgrade to Ruby 3.2...

Regular Expression Denial of Service (ReDoS)

Overview Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS through the blockformat helper. An attacker can craft specific input that triggers inefficient regular expression evaluation, causing the application to consume excessive resources and...