RubyGems package
encoded_id-rails
pkg:gem/encoded_id-rails
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-0241 | Hig | 7.5 | < 1.0.0.beta2 | 1.0.0.beta2 | Jan 4, 2024 | encoded_id-rails versions before 1.0.0.beta2 are affected by an uncontrolled resource consumption vulnerability. A remote and unauthenticated attacker might cause a denial of service condition by sending an HTTP request with an extremely long "id" parameter. |
- affected < 1.0.0.beta2fixed 1.0.0.beta2
encoded_id-rails versions before 1.0.0.beta2 are affected by an uncontrolled resource consumption vulnerability. A remote and unauthenticated attacker might cause a denial of service condition by sending an HTTP request with an extremely long "id" parameter.