stevegeek/encoded_id-rails

Releases11

Frequency2 months 3 weeks

Last Release about 1 year ago

Stars8

Use `encoded_id` with Rails ActiveRecord models

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-0241 ↗	Jan 4, 2024Thursday, 4 January 2024, 21:15	7.5 HIGH	—
encoded_id-rails versions before 1.0.0.beta2 are affected by an uncontrolled resource consumption vulnerability. A remote and unauthenticated attacker might cause a denial of service condition by sending an HTTP request with an extremely long "id" parameter.