sisimai is vulnerable to Regular Expression Denial of Service (ReDoS). The vulnerability exists in the to_plain function in string.rb due to inefficient regular expression complexity, which leads to an application crash.
gist.githubusercontent.com/gmcabrita/e5dc0332473fc2e3a7a407434c8d21c7/raw/00b12035e5e1b685469f143b94301a50306376ba/example.html
github.com/advisories/GHSA-vm74-j4wq-82xj
github.com/sisimai/rb-sisimai/commit/51fe2e6521c9c02b421b383943dc9e4bbbe65d4e
github.com/sisimai/rb-sisimai/pull/244
github.com/sisimai/rb-sisimai/releases/tag/v4.25.14p12
vuldb.com/?ctiid.218452
vuldb.com/?id.218452