Description
The parse_char_class function in regparse.c in the Onigmo (aka Oniguruma-mod) regular expression library, as used in Ruby 2.4.0, allows remote attackers to cause a denial of service (deep recursion and application crash) via a crafted regular expression.
Remediation
References
Related Vulnerabilities
Lighttpd Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2008-1270)
GeoServer Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-51444)
WordPress Plugin Limit Login Attempts Cross-Site Scripting (4.0.43)
WordPress Plugin betterAmazonAPI Cross-Site Scripting (1.2)
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-5610)