Lucene search
+L

27 matches found

euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-3162

Malicious code in bioql PyPI...

8.7CVSS5.3AI score0.01103EPSS
Exploits0References10
osv
osv
added 2025/04/14 11:26 a.m.17 views

BIT-RAILS-2024-47887 Action Controller has possible ReDoS vulnerability in HTTP Token authentication

Action Pack is a framework for handling and responding to web requests. Starting in version 4.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in Action Controller's HTTP Token authentication. For applications using HTTP Token authenticatio...

8.7CVSS6.7AI score0.01048EPSS
Exploits0References6
osv
osv
added 2025/04/14 11:26 a.m.20 views

BIT-RAILS-2024-41128 Action Dispatch has possible ReDoS vulnerability in query parameter filtering

Action Pack is a framework for handling and responding to web requests. Starting in version 3.1.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the query parameter filtering routines of Action Dispatch. Carefully crafted query parameters...

8.7CVSS6.5AI score0.01103EPSS
Exploits0References8
nessus
nessus
added 2024/10/18 12:0 a.m.23 views

actionmailer Ruby Library 3.x < 6.1.7.9 / 7.0.x < 7.0.8.5 / 7.1.x < 7.1.4.1 / 7.2.x < 7.2.1.1 DoS (CVE-2024-47889)

The version of the actionmailer Ruby library installed on the remote host is 3.x prior to 6.1.7.9, 7.0.x prior to 7.0.8.5, 7.1.x prior to 7.1.4.1 or 7.2.x prior to 7.2.1.1. It is, therefore, affected by a denial of service DoS vulnerability. The vulnerability lies in the blockformat helper of...

8.7CVSS6.4AI score0.00944EPSS
Exploits0References2
debiancve
debiancve
added 2024/10/16 8:55 p.m.21 views

CVE-2024-47889

Action Mailer is a framework for designing email service layers. Starting in version 3.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the blockformat helper in Action Mailer. Carefully crafted text can cause the blockformat helper to...

8.7CVSS5.3AI score0.00944EPSS
Exploits0
vulnrichment
vulnrichment
added 2024/10/16 8:55 p.m.11 views

CVE-2024-47889 Action Mailer has possible ReDoS vulnerability in block_format

Action Mailer is a framework for designing email service layers. Starting in version 3.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the blockformat helper in Action Mailer. Carefully crafted text can cause the blockformat helper to...

8.7CVSS6.8AI score0.00944EPSS
Exploits0References5
cvelist
cvelist
added 2024/10/16 8:55 p.m.36 views

CVE-2024-47889 Action Mailer has possible ReDoS vulnerability in block_format

Action Mailer is a framework for designing email service layers. Starting in version 3.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the blockformat helper in Action Mailer. Carefully crafted text can cause the blockformat helper to...

8.7CVSS0.00944EPSS
Exploits0References5
osv
osv
added 2024/10/16 8:55 p.m.21 views

CVE-2024-47889 Action Mailer has possible ReDoS vulnerability in block_format

Action Mailer is a framework for designing email service layers. Starting in version 3.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the blockformat helper in Action Mailer. Carefully crafted text can cause the blockformat helper to...

8.7CVSS5.2AI score0.00944EPSS
Exploits0References7
osv
osv
added 2024/10/16 8:2 p.m.23 views

CVE-2024-47887 Action Controller has possible ReDoS vulnerability in HTTP Token authentication

Action Pack is a framework for handling and responding to web requests. Starting in version 4.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in Action Controller's HTTP Token authentication. For applications using HTTP Token authenticatio...

8.7CVSS5.6AI score0.01048EPSS
Exploits0References7
cve
cve
added 2024/10/16 8:2 p.m.92 views

CVE-2024-47887

CVE-2024-47887 affects Rails Action Pack: ReDoS in Action Controller's HTTP Token authentication where a crafted header can cause header parsing to take excessive time, enabling DoS. Affected versions start at 4.0.0 up to before 6.1.7.9, 7.0.8.5, 7.1.4.1, or 7.2.1.1. Remediation: upgrade to 6.1.7...

8.7CVSS6.8AI score0.01048EPSS
Exploits0References5
debiancve
debiancve
added 2024/10/16 8:2 p.m.14 views

CVE-2024-47887

Action Pack is a framework for handling and responding to web requests. Starting in version 4.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in Action Controller's HTTP Token authentication. For applications using HTTP Token authenticatio...

8.7CVSS5.4AI score0.01048EPSS
Exploits0
nvd
nvd
added 2024/10/16 6:15 p.m.27 views

CVE-2024-41128

Action Pack is a framework for handling and responding to web requests. Starting in version 3.1.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the query parameter filtering routines of Action Dispatch. Carefully crafted query parameters...

8.7CVSS0.01103EPSS
Exploits0References7
vulnrichment
vulnrichment
added 2024/10/16 6:4 p.m.26 views

CVE-2024-41128 Action Dispatch has possible ReDoS vulnerability in query parameter filtering

Action Pack is a framework for handling and responding to web requests. Starting in version 3.1.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the query parameter filtering routines of Action Dispatch. Carefully crafted query parameters...

8.7CVSS7.2AI score0.01103EPSS
Exploits0References7
debiancve
debiancve
added 2024/10/16 6:4 p.m.16 views

CVE-2024-41128

Action Pack is a framework for handling and responding to web requests. Starting in version 3.1.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the query parameter filtering routines of Action Dispatch. Carefully crafted query parameters...

8.7CVSS5.3AI score0.01103EPSS
Exploits0
osv
osv
added 2024/10/16 6:4 p.m.20 views

CVE-2024-41128 Action Dispatch has possible ReDoS vulnerability in query parameter filtering

Action Pack is a framework for handling and responding to web requests. Starting in version 3.1.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the query parameter filtering routines of Action Dispatch. Carefully crafted query parameters...

8.7CVSS5.3AI score0.01103EPSS
Exploits0References9
github
github
added 2024/10/15 11:35 p.m.22 views

Possible ReDoS vulnerability in block_format in Action Mailer

There is a possible ReDoS vulnerability in the blockformat helper in Action Mailer. This vulnerability has been assigned the CVE identifier CVE-2024-47889. Impact ------ Carefully crafted text can cause the blockformat helper to take an unexpected amount of time, possibly resulting in a DoS...

8.7CVSS9.3AI score0.00944EPSS
Exploits0References3Affected Software1
github
github
added 2024/10/15 11:35 p.m.30 views

Possible ReDoS vulnerability in plain_text_for_blockquote_node in Action Text

There is a possible ReDoS vulnerability in the plaintextforblockquotenode helper in Action Text. This vulnerability has been assigned the CVE identifier CVE-2024-47888. Impact ------ Carefully crafted text can cause the plaintextforblockquotenode helper to take an unexpected amount of time,...

8.7CVSS7.2AI score0.00991EPSS
Exploits0References3Affected Software1
osv
osv
added 2024/10/15 11:35 p.m.22 views

GHSA-VFG9-R3FQ-JVX4 Possible ReDoS vulnerability in HTTP Token authentication in Action Controller

There is a possible ReDoS vulnerability in Action Controller's HTTP Token authentication. This vulnerability has been assigned the CVE identifier CVE-2024-47887. Impact ------ For applications using HTTP Token authentication via authenticateorrequestwithhttptoken or similar, a carefully crafted...

8.7CVSS5.5AI score0.01048EPSS
Exploits0References3
github
github
added 2024/10/15 11:35 p.m.19 views

Possible ReDoS vulnerability in HTTP Token authentication in Action Controller

There is a possible ReDoS vulnerability in Action Controller's HTTP Token authentication. This vulnerability has been assigned the CVE identifier CVE-2024-47887. Impact ------ For applications using HTTP Token authentication via authenticateorrequestwithhttptoken or similar, a carefully crafted...

8.7CVSS7.5AI score0.01048EPSS
Exploits0References3Affected Software1
osv
osv
added 2024/10/15 11:35 p.m.15 views

GHSA-X76W-6VJR-8XGJ Possible ReDoS vulnerability in query parameter filtering in Action Dispatch

There is a possible ReDoS vulnerability in the query parameter filtering routines of Action Dispatch. This vulnerability has been assigned the CVE identifier CVE-2024-41128. Impact ------ Carefully crafted query parameters can cause query parameter filtering to take an unexpected amount of time,...

8.7CVSS5.4AI score0.01103EPSS
Exploits0References10
Rows per page
Query Builder