Showing 1 - 7 of 7

CVE-2023-28755

Status Candidate

Overview

A ReDoS issue was discovered in the URI component through 0.12.0 in Ruby through 3.2.1. The URI parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to URI objects. The fixed versions are 0.12.1, 0.11.1, 0.10.2 and 0.10.0.1.

Related Files

Gentoo Linux Security Advisory 202401-27: Posted Jan 24, 2024; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 202401-27 - Multiple vulnerabilities have been discovered in Ruby, the worst of which could lead to execution of arbitrary code. Multiple versions are affected.; tags | advisory, arbitrary, vulnerability, ruby; systems | linux, gentoo; advisories | CVE-2020-25613, CVE-2021-31810, CVE-2021-32066, CVE-2021-33621, CVE-2021-41816, CVE-2021-41817, CVE-2021-41819, CVE-2022-28738, CVE-2022-28739, CVE-2023-28755, CVE-2023-28756; SHA-256 | 94bd32b96511589b4ae3eae1e1b96022fbaeeb99eb332b00a775c863282498ba; Download | Favorite | View

Ubuntu Security Notice USN-6219-1: Posted Jul 17, 2023; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6219-1 - It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.10 and Ubuntu 20.04 LTS. It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service. This issue exists because of an incomplete fix for CVE-2023-28755.; tags | advisory, denial of service, ruby; systems | linux, ubuntu; advisories | CVE-2023-28755, CVE-2023-36617; SHA-256 | 00959ed34366bcee4d18cd76de6ced7a9e2b44c45aaa6377bd02caaa7877b79e; Download | Favorite | View

Red Hat Security Advisory 2023-3821-01: Posted Jun 28, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-3821-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include HTTP response splitting and denial of service vulnerabilities.; tags | advisory, web, denial of service, vulnerability, ruby; systems | linux, redhat; advisories | CVE-2021-33621, CVE-2023-28755, CVE-2023-28756; SHA-256 | 915adbe516e63371c901e0dbf9c061957d731f589acb09f314d7244a05d2317a; Download | Favorite | View

Red Hat Security Advisory 2023-3291-01: Posted May 25, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-3291-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include HTTP response splitting and denial of service vulnerabilities.; tags | advisory, web, denial of service, vulnerability, ruby; systems | linux, redhat; advisories | CVE-2021-33621, CVE-2023-28755, CVE-2023-28756; SHA-256 | 20dec59adcb39ef2916d6cca7cd13c8ca58d1f5b2b3c7506b88fe76014af5ad2; Download | Favorite | View

Ubuntu Security Notice USN-6087-1: Posted May 18, 2023; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6087-1 - It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 ESM.; tags | advisory, denial of service, ruby; systems | linux, ubuntu; advisories | CVE-2023-28755, CVE-2023-28756; SHA-256 | cc361b6847f2850db6412282b2a465949ce6e489bc3be40573658c7db61eda9b; Download | Favorite | View

Ubuntu Security Notice USN-6055-2: Posted May 8, 2023; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6055-2 - USN-6055-1 fixed a vulnerability in Ruby. Unfortunately it introduced a regression. This update reverts the patches applied to CVE-2023-28755 in order to fix the regression pending further investigation. It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service.; tags | advisory, denial of service, ruby; systems | linux, ubuntu; advisories | CVE-2023-28755; SHA-256 | ada5c9e435b07122b3ea37aaeeff4ec44d8a5abb8e17dfa44d63ad098d9107d3; Download | Favorite | View

Ubuntu Security Notice USN-6055-1: Posted May 4, 2023; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6055-1 - It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service. It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service. This issue is being addressed only for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.; tags | advisory, denial of service, ruby; systems | linux, ubuntu; advisories | CVE-2023-28755, CVE-2023-28756; SHA-256 | 57cc9e7412e527b063da950b49c9036f3f360426a199720cba2c4ff74ccb4925; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 179 files
Ubuntu 58 files
Debian 26 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
E1.Coders 4 files
malvuln 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,014)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,227)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,501)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,439)
UNIX (9,391)
UnixWare (187)
Windows (6,649)
Other

CVE-2023-28755

Overview

Related Files

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems