发布于3月6日3月6日 Members Alpine Linux: CVE-2023-28755: Inefficient Regular Expression Complexity Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) Published 03/31/2023 Created 04/09/2024 Added 03/26/2024 Modified 10/02/2024 Description A ReDoS issue was discovered in the URI component through 0.12.0 in Ruby through 3.2.1. The URI parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to URI objects. The fixed versions are 0.12.1, 0.11.1, 0.10.2 and 0.10.0.1. Solution(s) alpine-linux-upgrade-ruby References https://attackerkb.com/topics/cve-2023-28755 CVE - 2023-28755 https://security.alpinelinux.org/vuln/CVE-2023-28755
