« List of all CVEs

CVE-2021-41817

Published: 1/1/2022 Last updated: 8/4/2024 Reserved: 9/29/2021

Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. The fixed versions are 3.2.1, 3.1.2, 3.0.2, and 2.0.1.

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Opam packages affected (1)

conf-ruby

Products affected (1)

Product Vendor Version
n/a n/a v1.4.25.188

References (10)