Active Support is a toolkit of support libraries and Ruby core extensions extracted from the Rails framework. `NumberToDelimitedConverter` uses a lookahead-based regular expression with `gsub!` to insert thousands delimiters. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, the interaction between the repeated lookahead group and `gsub!` can produce quadratic time complexity on long digit strings. Versions 8.1.2.1, 8.0.4.1, and 7.2.3.1 contain a patch.
Attack Parameters
Attack Vector
Network
Can be exploited remotely
Attack Complexity
Low
Easy to exploit
Attack Requirements
None
No additional conditions
Privileges Required
None
No privileges needed
User Interaction
None
No user interaction needed
Impact Assessment
Confidentiality
None
No data leak
Integrity
None
No data modification
Availability
Low
Partial disruption
CVSS Vector v4.0
Weakness Type (CWE)
Vulnerable Products 3
| Configuration | From (including) | Up to (excluding) |
|---|---|---|
|
Rubyonrails Rails
cpe:2.3:a:rubyonrails:rails:*:*:*:*:*:*:*:*
|
— |
7.2.3.1
|
|
Rubyonrails Rails
cpe:2.3:a:rubyonrails:rails:*:*:*:*:*:*:*:*
|
8.0.0
|
8.0.4.1
|
|
Rubyonrails Rails
cpe:2.3:a:rubyonrails:rails:*:*:*:*:*:*:*:*
|
8.1.0
|
8.1.2.1
|
References 7
https://github.com/rails/rails/commit/29154f1097da13d48fdb3200760b3e3da66dcb11
security-advisories@github.com
https://github.com/rails/rails/commit/b54a4b373c6f042cab6ee2033246b1c9ecc38974
security-advisories@github.com
https://github.com/rails/rails/commit/ec1a0e215efd27a3b3911aae6df978a80f456a49
security-advisories@github.com
https://github.com/rails/rails/releases/tag/v7.2.3.1
security-advisories@github.com
https://github.com/rails/rails/releases/tag/v8.0.4.1
security-advisories@github.com
https://github.com/rails/rails/releases/tag/v8.1.2.1
security-advisories@github.com
https://github.com/rails/rails/security/advisories/GHSA-cg4j-q9v8-6v38
security-advisories@github.com