VYPR

RubyGems package

encoded_id-rails

pkg:gem/encoded_id-rails

Vulnerabilities (1)

  • CVE-2024-0241HigJan 4, 2024
    affected < 1.0.0.beta2fixed 1.0.0.beta2

    encoded_id-rails versions before 1.0.0.beta2 are affected by an uncontrolled resource consumption vulnerability. A remote and unauthenticated attacker might cause a denial of service condition by sending an HTTP request with an extremely long "id" parameter.