The CGI gem for Ruby before 0.4.2 contains a Regular Expression Denial of Service (ReDoS) vulnerability in the Util#escapeElement method. The method uses a regular expression whose worst-case computational complexity is inefficient and possibly exponential in the length of the input, which is what makes the denial of service possible.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Cgi | Ruby-lang | * | 0.3.5.1 (excluding) |
| Cgi | Ruby-lang | 0.4.0 (including) | 0.4.2 (excluding) |
| Cgi | Ruby-lang | 0.3.6 (including) | 0.3.6 (including) |
| Red Hat Enterprise Linux 8 | RedHat | ruby:3.1-8100020250407112943.489197e6 | * |
| Red Hat Enterprise Linux 9 | RedHat | ruby-0:3.0.7-165.el9_5 | * |
| Red Hat Enterprise Linux 9 | RedHat | ruby:3.1-9050020250404144903.9 | * |
| Jruby | Ubuntu | esm-apps/xenial | * |
| Jruby | Ubuntu | focal | * |
| Jruby | Ubuntu | oracular | * |
| Jruby | Ubuntu | plucky | * |
| Ruby2.3 | Ubuntu | esm-infra-legacy/xenial | * |
| Ruby2.3 | Ubuntu | esm-infra/xenial | * |
| Ruby2.5 | Ubuntu | esm-infra/bionic | * |
| Ruby2.7 | Ubuntu | esm-infra/focal | * |
| Ruby2.7 | Ubuntu | focal | * |
| Ruby3.0 | Ubuntu | jammy | * |
| Ruby3.2 | Ubuntu | noble | * |
| Ruby3.3 | Ubuntu | devel | * |
| Ruby3.3 | Ubuntu | oracular | * |
| Ruby3.3 | Ubuntu | plucky | * |
| Ruby3.3 | Ubuntu | questing | * |
| Ruby3.3 | Ubuntu | resolute | * |