Back to bug 2164736

| Who | When | What | Removed / Added |
|---|---|---|---|
| Red Hat Bugzilla | 2023-03-02 08:28:25 UTC | Depends On | 2164737, 2164738 |
| | | Summary | CVE-2023-22796 rubygem-activerecord: Regular Expression Denial of Service → CVE-2023-22796 rubygem-activesupport: Regular Expression Denial of Service |
| | | Depends On | 2164740 |
| | | Depends On | 2164743, 2164744 |
| | | CC | myarboro |
| Avinash Hanwate | 2023-03-16 04:36:43 UTC | Depends On | 2178591 |
| | | Doc Text | A flaw was found in the rubygem-activesupport. RubyGems activesupport gem is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in Inflector.underscore. By sending a specially-crafted regex input, a remote attacker could exploit this vulnerability to use large amounts of CPU and memory, and results in a denial of service condition. |
| RaTasha Tillery-Smith | 2023-03-16 14:39:25 UTC | Doc Text | A flaw was found in the rubygem-activesupport. RubyGems activesupport gem is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in Inflector.underscore. By sending a specially-crafted regex input, a remote attacker could exploit this vulnerability to use large amounts of CPU and memory, and results in a denial of service condition. → A flaw was found in rubygem-activesupport. RubyGem's activesupport gem is vulnerable to a denial of service caused by a regular expression denial of service (ReDoS) flaw in Inflector.underscore. By sending a specially-crafted regex input, a remote attacker can use large amounts of CPU and memory, resulting in a denial of service. |
| Red Hat Bugzilla | 2023-05-15 20:19:02 UTC | CC | btotty |
| Red Hat Bugzilla | 2023-07-07 08:33:37 UTC | Assignee | security-response-team → nobody |
| TEJ RATHI | 2023-07-12 14:49:20 UTC | CC | jcantril, periklis |
| errata-xmlrpc | 2023-08-02 13:49:44 UTC | Link ID | Red Hat Product Errata RHSA-2023:4341 |
| Product Security DevOps Team | 2023-08-02 18:08:58 UTC | Resolution | --- → ERRATA |
| | | Status | NEW → CLOSED |
| | | Last Closed | 2023-08-02 18:08:58 UTC |
