Lucene search
K

5 matches found

BDU FSTEC
BDU FSTEC
added 2024/11/14 12:0 a.m.4 views

The vulnerability of the `plain_text_for_blockquote_node` function in the Action Text interpreter for Ruby allows a hacker to trigger a service failure.

The vulnerability of the plaintextforblockquotenode function in the Action Text interpreter for Ruby is related to the use of a regular expression with high computational complexity. Exploiting this vulnerability could allow an attacker to cause service interruptions remotely...

3.7CVSS5.7AI score0.00991EPSS
Exploits0References8Affected Software6
SUSE CVE
SUSE CVE
added 2024/10/17 2:48 a.m.5 views

SUSE CVE-2024-47888

Action Text brings rich text content and editing to Rails. Starting in version 6.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the plaintextforblockquotenode helper in Action Text. Carefully crafted text can cause the...

5.9CVSS5.8AI score0.00991EPSS
Exploits0References7
OSV
OSV
added 2024/10/16 9:15 p.m.3 views

UBUNTU-CVE-2024-47888

Action Text brings rich text content and editing to Rails. Starting in version 6.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the plaintextforblockquotenode helper in Action Text. Carefully crafted text can cause the...

8.7CVSS6.4AI score0.00991EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2024/10/16 8:31 p.m.17 views

CVE-2024-47888 Action Text has possible ReDoS vulnerability in plain_text_for_blockquote_node

Action Text brings rich text content and editing to Rails. Starting in version 6.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the plaintextforblockquotenode helper in Action Text. Carefully crafted text can cause the...

8.7CVSS6.8AI score0.00991EPSS
Exploits0References5
Snyk
Snyk
added 2024/10/15 11:35 p.m.4 views

Regular Expression Denial of Service (ReDoS)

Overview actiontext is a package to edit and display rich text in Rails applications. Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS through the plaintextforblockquotenode helper function due to the usage of an insecure regular expression. By...

8.7CVSS6.6AI score0.00991EPSS
Exploits0References2
Rows per page
Query Builder