CVE-2024-0241
- Source
- https://cve.org/CVERecord?id=CVE-2024-0241
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-0241.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-0241
- Aliases
- Published
- 2024-01-04T20:48:00.606Z
- Modified
- 2026-05-11T03:53:51.230566Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- encoded_id-rails Denial of Service Vulnerability
- Details
-
encoded_id-rails versions before 1.0.0.beta2 are affected by an uncontrolled resource consumption vulnerability. A remote and unauthenticated attacker might cause a denial of service condition by sending an HTTP request with an extremely long "id" parameter.
- Database specific
{ "cna_assigner": "VulnCheck", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/0xxx/CVE-2024-0241.json", "cwe_ids": [ "CWE-400" ] }- References
-
- https://rubygems.org
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/0xxx/CVE-2024-0241.json
- https://github.com/advisories/GHSA-3px7-jm2p-6h2c
- https://github.com/stevegeek/encoded_id-rails/security/advisories/GHSA-3px7-jm2p-6h2c
- https://nvd.nist.gov/vuln/detail/CVE-2024-0241
- https://vulncheck.com/advisories/vc-advisory-GHSA-3px7-jm2p-6h2c
- https://github.com/stevegeek/encoded_id-rails/commit/afa495a77b8a21ad582611f9cdc2081dc4018b91