RedCloth 4.3.0
1 security vulnerability
found in version
4.3.0
RedCloth Regular Expression Denial of Service issue
high severity CVE-2023-31606
high severity
CVE-2023-31606
Patched versions:
>= 4.3.3
Unaffected versions:
< 4.0.0
A Regular Expression Denial of Service (ReDoS) issue was discovered in the "sanitize_html" function of RedCloth gem >= v4.0.0. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload.
No officially reported memory leakage issues detected.
This gem version does not have any officially reported memory leaked issues.
No license issues detected.
This gem version has a license in the gemspec.
This gem version is available.
This gem version has not been yanked and is still available for usage.