CVE-2023-22799

UNKNOWN 0.0

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

A ReDoS based DoS vulnerability in the GlobalID <1.0.1 which could allow an attacker supplying a carefully crafted input can cause the regular expression engine to take an unexpected amount of time. All users running an affected release should either upgrade or use one of the workarounds immediately.

CWE	CWE-400
Vendor	n/a
Product	https://github.com/rails/globalid
Published	Feb 9, 2023
Last Updated	Aug 2, 2024

Stay Ahead of the Next One

Get instant alerts for n/a https://github.com/rails/globalid

Be the first to know when new unknown vulnerabilities affecting n/a https://github.com/rails/globalid are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

n/a / https://github.com/rails/globalid

1.0.1

References

NVD ↗ CVE.org ↗ EPSS Data ↗

discuss.rubyonrails.org: https://discuss.rubyonrails.org/t/cve-2023-22799-possible-redos-based-dos-vulnerability-in-globalid/82127