CVE-2021-32823: Uncontrolled Resource Consumption
In the bindata RubyGem For example BinData::Bit100000, BinData::Bit100001, BinData::Bit100002, BinData::Bit<N>. In combination with <user_input>.constantize there is a potential for a CPU-based DoS. bindata improved the creation time of Bits and Integers.
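The risky pattern above is calling constantize on a type name the user controls. The following is an added example, not code from bindata or from this advisory: an allowlist check to run before any constantize call, so that names such as BinData::Bit100000 are rejected without ever being resolved. MAX_BITS, ALLOWED_FIXED, SAMPLE_INPUTS and the helper names are assumptions chosen for illustration.

```ruby
# Added example: validate a user-supplied BinData type name before it is
# ever passed to constantize / const_get. Nothing here loads bindata.

MAX_BITS = 64 # assumed application limit for dynamically sized Bit<N> types

# Fixed type names this hypothetical application accepts (constructed list).
ALLOWED_FIXED = %w[
  BinData::Uint8 BinData::Uint16le BinData::Uint32le BinData::Stringz
].freeze

# BinData::Bit<N>: at most four digits, no leading zero, anchored with \A and \z
# so embedded newlines cannot smuggle a second name past the check.
BIT_PATTERN = /\ABinData::Bit([1-9]\d{0,3})\z/

class UnsafeTypeName < StandardError; end

# Returns the validated name, or raises UnsafeTypeName.
def safe_type_name(user_input)
  name = user_input.to_s
  return name if ALLOWED_FIXED.include?(name)

  if (m = BIT_PATTERN.match(name))
    bits = m[1].to_i
    return name if bits <= MAX_BITS
    raise UnsafeTypeName, "bit width #{bits} exceeds #{MAX_BITS}"
  end
  raise UnsafeTypeName, "type #{name.inspect} is not allowlisted"
end

# Boolean form of the same check, convenient for filtering.
def safe?(user_input)
  safe_type_name(user_input)
  true
rescue UnsafeTypeName
  false
end

# Constructed sample inputs, as they might arrive in a request parameter.
SAMPLE_INPUTS = [
  "BinData::Bit8", "BinData::Uint16le", "BinData::Bit100000",
  "BinData::Bit65", "Kernel", "BinData::Bit8\nBinData::Bit100000"
].freeze

# Splits inputs into [accepted, rejected] without resolving any constant.
def partition_inputs(inputs)
  inputs.partition { |i| safe?(i) }
end
```

Only a name returned by safe_type_name should reach constantize; everything else is refused before any class creation work starts.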