A Regular Expression Denial of Service (ReDoS) issue was discovered
in the sanitize_html function of redcloth gem v4.0.0. This
vulnerability allows attackers to cause a Denial of Service (DoS)
via supplying a crafted payload. (CVE-2023-31606)
- https://bugs.mageia.org/show_bug.cgi?id=32284
- https://ubuntu.com/security/notices/USN-6358-1
- https://www.cve.org/CVERecord?id=CVE-2023-31606
- 9/core/ruby-RedCloth-4.3.2-7.1.mga9
- 8/core/ruby-RedCloth-4.3.2-5.1.mga8
Get the latest Linux and open source security news straight to your inbox.