Rails is a web-application framework. Starting in version 7.1.0, there is a possible ReDoS vulnerability in the Accept header parsing routines of Action Dispatch. This vulnerability is patched in 7.1.3.1. Ruby 3.2 has mitigations for this problem, so Rails applications using Ruby 3.2 or newer are unaffected.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2024-02-27T15:25:44.103Z
Updated: 2024-08-28T15:55:41.386Z
Reserved: 2024-02-14T17:40:03.688Z
Link: CVE-2024-26142
Vulnrichment
Updated: 2024-08-01T23:59:32.697Z
NVD
Status : Awaiting Analysis
Published: 2024-02-27T16:15:46.600
Modified: 2024-05-03T13:15:21.550
Link: CVE-2024-26142
Redhat