GHSA-qcm3-vfq5-wfr2: RedCloth Regular Expression Denial of Service issue

A Regular Expression Denial of Service (ReDoS) issue was discovered in the sanitize_html function of RedCloth gem v4.0.0. This vulnerability allows attackers to cause a Denial of Service (DoS) by supplying a crafted payload.


Moderate severity • GitHub Reviewed • Published Jun 6, 2023 to the GitHub Advisory Database • Updated Jun 6, 2023

Related news

Gentoo Linux Security Advisory 202401-14

Gentoo Linux Security Advisory 202401-14 - A denial of service vulnerability has been found in RedCloth. Versions greater than or equal to 4.3.2-r5 are affected.

Ubuntu Security Notice USN-6358-1

Ubuntu Security Notice 6358-1 - It was discovered that RedCloth incorrectly handled certain inputs during HTML sanitisation. An attacker could possibly use this issue to cause a denial of service.

CVE-2023-31606: GitHub - jgarber/redcloth: RedCloth is a Ruby library for converting Textile into HTML.

A Regular Expression Denial of Service (ReDoS) issue was discovered in the sanitize_html function of redcloth gem v4.0.0. This vulnerability allows attackers to cause a Denial of Service (DoS) by supplying a crafted payload.
