Lucene search
K

4 matches found

RedHat Linux
RedHat Linux
added 2023/11/08 2:26 p.m.10 views

rubygem-globalid: ReDoS vulnerability

A flaw was found in rubygem-globalid. RubyGem’s GlobalID gem is vulnerable to a denial of service issue caused by a regular expression denial of service ReDoS flaw in the model name parsing. By sending a specially-crafted regex input, a remote attacker can cause a denial of service...

7.5CVSS6.8AI score0.01049EPSS
Exploits0References5
OSV
OSV
added 2023/01/18 6:13 p.m.30 views

GHSA-23C2-GWP5-PXW9 ReDoS based DoS vulnerability in GlobalID

There is a ReDoS based DoS vulnerability in the GlobalID gem. This vulnerability has been assigned the CVE identifier CVE-2023-22799. Versions Affected: = 0.2.1 Not affected: NOTAFFECTED Fixed Versions: 1.0.1 Impact There is a possible DoS vulnerability in the model name parsing section of the...

7.5CVSS7.4AI score0.01049EPSS
Exploits0References6
Snyk
Snyk
added 2023/01/18 6:13 p.m.3 views

Regular Expression Denial of Service (ReDoS)

Overview Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS in uri/gid.rb, when parsing modelname values. NOTE: A patch has been released to address this issue: 1-0-model-name-redos.patch Details Denial of Service DoS describes a family of attacks, all...

7.5CVSS6.8AI score0.01049EPSS
Exploits0References2
RubySec
RubySec
added 2023/01/18 12:0 a.m.37 views

ReDoS based DoS vulnerability in GlobalID

There is a ReDoS based DoS vulnerability in the GlobalID gem. This vulnerability has been assigned the CVE identifier CVE-2023-22799. Versions Affected: = 0.2.1 Not affected: 0.2.1 Fixed Versions: 1.0.1 Impact There is a possible DoS vulnerability in the model name parsing section of the GlobalID...

7.5CVSS3.7AI score0.01049EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder