VYPR
High severityNVD Advisory· Published Jan 1, 2022· Updated Aug 4, 2024

CVE-2021-41817

CVE-2021-41817

Description

Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. The fixed versions are 3.2.1, 3.1.2, 3.0.2, and 2.0.1.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
dateRubyGems
>= 3.2.0, < 3.2.13.2.1
dateRubyGems
>= 3.1.0, < 3.1.23.1.2
dateRubyGems
>= 3.0.0, < 3.0.23.0.2
dateRubyGems
< 2.0.12.0.1

Affected products

83

Patches

Vulnerability mechanics

References

14

News mentions

0

No linked articles in our index yet.