Back to bug 2164799
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Red Hat Bugzilla | 2023-03-02 08:28:16 UTC | Blocks | 2162605 | |
| Depends On | 2164803, 2164802 | |||
| CC | myarboro | |||
| Avinash Hanwate | 2023-03-16 04:39:21 UTC | Doc Text | A flaw was found in the rubygem-actionpack. RubyGems actionpack gem is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in Action Dispatch related to the If-None-Match header. By sending a specially-crafted HTTP If-None-Match header, a remote attacker could exploit this vulnerability to use large amounts of CPU and memory, and results in a denial of service condition. | |
| RaTasha Tillery-Smith | 2023-03-16 14:29:52 UTC | Doc Text | A flaw was found in the rubygem-actionpack. RubyGems actionpack gem is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in Action Dispatch related to the If-None-Match header. By sending a specially-crafted HTTP If-None-Match header, a remote attacker could exploit this vulnerability to use large amounts of CPU and memory, and results in a denial of service condition. | A flaw was found in the rubygem-actionpack. RubyGems actionpack gem is vulnerable to a denial of service caused by a regular expression denial of service (ReDoS) flaw in Action Dispatch related to the If-None-Match header. By sending a specially-crafted HTTP If-None-Match header, a remote attacker can use large amounts of CPU and memory, which results in a denial of service condition. |
| RaTasha Tillery-Smith | 2023-03-16 14:31:53 UTC | Doc Text | A flaw was found in the rubygem-actionpack. RubyGems actionpack gem is vulnerable to a denial of service caused by a regular expression denial of service (ReDoS) flaw in Action Dispatch related to the If-None-Match header. By sending a specially-crafted HTTP If-None-Match header, a remote attacker can use large amounts of CPU and memory, which results in a denial of service condition. | A flaw was found in the rubygem-actionpack. RubyGems actionpack gem is vulnerable to a denial of service caused by a regular expression denial of service (ReDoS) flaw in Action Dispatch related to the If-None-Match header. By sending a specially-crafted HTTP If-None-Match header, a remote attacker can use large amounts of CPU and memory, resulting in a denial of service. |
| RaTasha Tillery-Smith | 2023-03-16 14:35:43 UTC | Doc Text | A flaw was found in the rubygem-actionpack. RubyGems actionpack gem is vulnerable to a denial of service caused by a regular expression denial of service (ReDoS) flaw in Action Dispatch related to the If-None-Match header. By sending a specially-crafted HTTP If-None-Match header, a remote attacker can use large amounts of CPU and memory, resulting in a denial of service. | A flaw was found in the rubygem-actionpack. RubyGem's actionpack gem is vulnerable to a denial of service caused by a regular expression denial of service (ReDoS) flaw in Action Dispatch related to the If-None-Match header. By sending a specially-crafted HTTP If-None-Match header, a remote attacker can use large amounts of CPU and memory, resulting in a denial of service. |
| Red Hat Bugzilla | 2023-05-15 20:18:55 UTC | CC | btotty | |
| Red Hat Bugzilla | 2023-07-07 08:34:30 UTC | Assignee | security-response-team | nobody |
| Kazu Yoshida | 2023-08-08 06:07:44 UTC | CC | kyoshida |
Back to bug 2164799