GHSA-qcm3-vfq5-wfr2

GitHub Security Advisory

RedCloth Regular Expression Denial of Service issue

✓ GitHub Reviewed | Severity: HIGH | Has CVE

Advisory Details

A Regular Expression Denial of Service (ReDoS) issue was discovered in the `sanitize_html` function of the RedCloth gem. This vulnerability allows attackers to cause a Denial of Service (DoS) by supplying a crafted payload.

Affected Packages

RubyGems RedCloth
Affected versions: >= 0, < 4.3.3 (fixed in 4.3.3)

Related CVEs

Key Information

GHSA ID: GHSA-qcm3-vfq5-wfr2
Published: June 6, 2023 6:30 PM
Last Modified: January 9, 2024 11:32 PM
CVSS Score: 7.5/10
Primary Ecosystem: RubyGems
Primary Package: RedCloth
GitHub Reviewed: ✓ Yes

Dataset

Last updated: July 30, 2025 6:36 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.