GHSA-h27x-rffw-24p4 — Vulnetix

GHSA-h27x-rffw-24p4 PUBLISHED CVSS 7.5 HIGH

Addressable has a Regular Expression Denial of Service in Addressable templates

Risk Scores

CVSS v3.1

7.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

Vendor	Product	Versions
RubyGems	addressable	2.3.0, 2.3.0, 2.3.0

Timeline

Apr 8, 2026 CVE Published
Apr 9, 2026 Security Advisory
May 13, 2026 CVE Updated

References

Open in Interactive Console →

$ Console Community · 100/wk Open console ›