Описание
Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. The fixed versions are 3.2.1, 3.1.2, 3.0.2, and 2.0.1.
| Релиз | Статус | Примечание |
|---|---|---|
| esm-infra/xenial | released | 2.3.1-2~ubuntu16.04.16+esm2 |
| trusty | ignored | end of standard support |
| upstream | needs-triage | |
| xenial | ignored | end of standard support |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 2.5.1-1ubuntu1.11 |
| esm-infra/bionic | not-affected | 2.5.1-1ubuntu1.11 |
| trusty | ignored | end of standard support |
| upstream | needs-triage | |
| xenial | ignored | end of standard support |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| esm-infra/focal | not-affected | 2.7.0-5ubuntu1.6 |
| focal | released | 2.7.0-5ubuntu1.6 |
| hirsute | released | 2.7.2-4ubuntu1.3 |
| impish | released | 2.7.4-1ubuntu3.1 |
| trusty | ignored | end of standard support |
| upstream | needs-triage | |
| xenial | ignored | end of standard support |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 3.0.2-7ubuntu2 |
| jammy | released | 3.0.2-7ubuntu2 |
| trusty | ignored | end of standard support |
| upstream | needs-triage | |
| xenial | ignored | end of standard support |
Показывать по
Ссылки на источники
EPSS
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. The fixed versions are 3.2.1, 3.1.2, 3.0.2, and 2.0.1.
Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. The fixed versions are 3.2.1, 3.1.2, 3.0.2, and 2.0.1.
Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regula ...
Regular expression denial of service vulnerability (ReDoS) in date
EPSS
5 Medium
CVSS2
7.5 High
CVSS3