globalid is vulnerable to Regular Expression Denial of Service (ReDoS) attacks. The vulnerability exists in the model name parsing section of the library, which allows an attacker to significantly slow down the processing time via passing a carefully crafted input.
CPE | Name | Operator | Version |
---|---|---|---|
globalid | le | 1.0.0 | |
globalid | le | 0.3.0 | |
globalid | le | 1.0.0 | |
globalid | le | 0.3.0 | |
ruby-globalid:sid | eq | 0.4.2+REALLY.0.3.6-1 | |
ruby-globalid:bookworm | eq | 0.4.2+REALLY.0.3.6-1 |