CVE-2021-41817 log

Severity Low
Remote Yes
Type Denial of service
A security issue has been found in Ruby before versions 3.0.3, 2.7.5 and 2.6.9. In the Ruby "date" gem before versions 3.2.1, 3.1.2, 3.0.2, and 2.0.1, there is a regular expression denial of service vulnerability (ReDoS) on date parsing methods. An attacker can exploit this vulnerability to cause an effective denial of service attack.
Group Package Affected Fixed Severity Status Ticket
AVG-2557 ruby2.6 2.6.8-2 Medium Unknown
AVG-2556 ruby2.7 2.7.4-2 2.7.5-1 Medium Fixed
AVG-2555 ruby 3.0.2-2 3.0.3-1 Medium Fixed