4 matches found
rubygem-globalid: ReDoS vulnerability
A flaw was found in rubygem-globalid. RubyGem’s GlobalID gem is vulnerable to a denial of service issue caused by a regular expression denial of service ReDoS flaw in the model name parsing. By sending a specially-crafted regex input, a remote attacker can cause a denial of service...
GHSA-23C2-GWP5-PXW9 ReDoS based DoS vulnerability in GlobalID
There is a ReDoS based DoS vulnerability in the GlobalID gem. This vulnerability has been assigned the CVE identifier CVE-2023-22799. Versions Affected: = 0.2.1 Not affected: NOTAFFECTED Fixed Versions: 1.0.1 Impact There is a possible DoS vulnerability in the model name parsing section of the...
Regular Expression Denial of Service (ReDoS)
Overview Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS in uri/gid.rb, when parsing modelname values. NOTE: A patch has been released to address this issue: 1-0-model-name-redos.patch Details Denial of Service DoS describes a family of attacks, all...
ReDoS based DoS vulnerability in GlobalID
There is a ReDoS based DoS vulnerability in the GlobalID gem. This vulnerability has been assigned the CVE identifier CVE-2023-22799. Versions Affected: = 0.2.1 Not affected: 0.2.1 Fixed Versions: 1.0.1 Impact There is a possible DoS vulnerability in the model name parsing section of the GlobalID...