FreeBSD: VID-6BD2773C-CF1A-11ED-BD44-080027F5FEC9 (CVE-2023-28756): rubygem-time -- ReDoS vulnerability

分享
https://www.ishack.org/topic/10330.html/
粉丝

发布于3月6日3月6日

Members

FreeBSD: VID-6BD2773C-CF1A-11ED-BD44-080027F5FEC9 (CVE-2023-28756): rubygem-time -- ReDoS vulnerability

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:P)

Published

03/30/2023

Created

04/04/2023

Added

04/01/2023

Modified

01/28/2025

Description

A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1. The Time parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to Time objects. The fixed versions are 0.1.1 and 0.2.2.

Solution(s)

freebsd-upgrade-package-ruby
freebsd-upgrade-package-ruby27
freebsd-upgrade-package-ruby30
freebsd-upgrade-package-ruby31
freebsd-upgrade-package-ruby32
freebsd-upgrade-package-rubygem-time

References

CVE-2023-28756

查看数 695
已创建 3月6日3月6日
最后回复 3月6日3月6日

https://www.ishack.org/topic/10330.html/

粉丝

转到主题列表

登录

FreeBSD: VID-6BD2773C-CF1A-11ED-BD44-080027F5FEC9 (CVE-2023-28756): rubygem-time -- ReDoS vulnerability

recommended_posts

FreeBSD: VID-6BD2773C-CF1A-11ED-BD44-080027F5FEC9 (CVE-2023-28756): rubygem-time -- ReDoS vulnerability

Description

Solution(s)

References

欢迎来到红帽社区

社区动态

红龙逆向工具箱2025最新版(ISHACK改良版)

修改底部版权信息

ips4.7升级到5.x版本问题。

IPS Invision Community 经常自动退出登录解决

网站程序安装中文语言包时没有中文选项？Debian中文包

帐户

导航

搜索