RedCloth 4.3.2

1 security vulnerability found in version 4.3.2

RedCloth Regular Expression Denial of Service issue

high severity CVE-2023-31606
high severity CVE-2023-31606
Patched versions: >= 4.3.3
Unaffected versions: < 4.0.0

A Regular Expression Denial of Service (ReDoS) issue was discovered in the "sanitize_html" function of RedCloth gem >= v4.0.0. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload.

No officially reported memory leakage issues detected.


This gem version does not have any officially reported memory leaked issues.

No license issues detected.


This gem version has a license in the gemspec.

This gem version is available.


This gem version has not been yanked and is still available for usage.