what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 5 of 5 RSS Feed

CVE-2023-28756

Status Candidate

Overview

A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1. The Time parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to Time objects. The fixed versions are 0.1.1 and 0.2.2.

Related Files

Gentoo Linux Security Advisory 202401-27
Posted Jan 24, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202401-27 - Multiple vulnerabilities have been discovered in Ruby, the worst of which could lead to execution of arbitrary code. Multiple versions are affected.

tags | advisory, arbitrary, vulnerability, ruby
systems | linux, gentoo
advisories | CVE-2020-25613, CVE-2021-31810, CVE-2021-32066, CVE-2021-33621, CVE-2021-41816, CVE-2021-41817, CVE-2021-41819, CVE-2022-28738, CVE-2022-28739, CVE-2023-28755, CVE-2023-28756
SHA-256 | 94bd32b96511589b4ae3eae1e1b96022fbaeeb99eb332b00a775c863282498ba
Red Hat Security Advisory 2023-3821-01
Posted Jun 28, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3821-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include HTTP response splitting and denial of service vulnerabilities.

tags | advisory, web, denial of service, vulnerability, ruby
systems | linux, redhat
advisories | CVE-2021-33621, CVE-2023-28755, CVE-2023-28756
SHA-256 | 915adbe516e63371c901e0dbf9c061957d731f589acb09f314d7244a05d2317a
Red Hat Security Advisory 2023-3291-01
Posted May 25, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3291-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include HTTP response splitting and denial of service vulnerabilities.

tags | advisory, web, denial of service, vulnerability, ruby
systems | linux, redhat
advisories | CVE-2021-33621, CVE-2023-28755, CVE-2023-28756
SHA-256 | 20dec59adcb39ef2916d6cca7cd13c8ca58d1f5b2b3c7506b88fe76014af5ad2
Ubuntu Security Notice USN-6087-1
Posted May 18, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6087-1 - It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 ESM.

tags | advisory, denial of service, ruby
systems | linux, ubuntu
advisories | CVE-2023-28755, CVE-2023-28756
SHA-256 | cc361b6847f2850db6412282b2a465949ce6e489bc3be40573658c7db61eda9b
Ubuntu Security Notice USN-6055-1
Posted May 4, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6055-1 - It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service. It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service. This issue is being addressed only for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.

tags | advisory, denial of service, ruby
systems | linux, ubuntu
advisories | CVE-2023-28755, CVE-2023-28756
SHA-256 | 57cc9e7412e527b063da950b49c9036f3f360426a199720cba2c4ff74ccb4925
Page 1 of 1
Back1Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close