Back to bug 2221255
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Pedro Sampaio | 2023-07-07 16:48:31 UTC | Depends On | 2221257, 2221256 | |
| Pedro Sampaio | 2023-07-07 16:49:57 UTC | Blocks | 2221258 | |
| Chess Hazlett | 2023-07-20 18:11:57 UTC | Severity | low | high |
| Priority | low | high | ||
| Chess Hazlett | 2023-07-20 18:30:52 UTC | Doc Text | The HTML sanitizer function in Rubygems' Redcloth was found to incorrectly handle regular expression inputs. An attacker could use this to send a malicious regexp to the server and cause a denial of service. | |
| Chess Hazlett | 2023-07-20 18:34:48 UTC | Alias | TRIAGE-CVE-2023-31606 | CVE-2023-31606 |
| CC | chazlett | |||
| Chess Hazlett | 2023-07-20 18:35:43 UTC | Summary | TRIAGE-CVE-2023-31606 RedCloth: Regular expression denial of service in sanitize_html function | CVE-2023-31606 RedCloth: Regular expression denial of service in sanitize_html function |
| Paige Jung | 2023-07-20 18:45:00 UTC | Doc Text | The HTML sanitizer function in Rubygems' Redcloth was found to incorrectly handle regular expression inputs. An attacker could use this to send a malicious regexp to the server and cause a denial of service. | The HTML sanitizer function in Rubygems' Redcloth incorrectly handles regular expression inputs. This issue could allow an attacker to send a malicious regexp to the server and cause a denial of service. |
Back to bug 2221255