Description
The parse_char_class function in regparse.c in the Onigmo (aka Oniguruma-mod) regular expression library, as used in Ruby 2.4.0, allows remote attackers to cause a denial of service (deep recursion and application crash) via a crafted regular expression.
Remediation
References
Related Vulnerabilities
WordPress Plugin Xerte Online 'save.php' Arbitrary File Upload (0.32)
Apache Tomcat Improper Resource Shutdown or Release Vulnerability (CVE-2022-25762)
WordPress 4.4.x Multiple Vulnerabilities (4.4 - 4.4.22)
WordPress Plugin Booked-Appointment Booking for WordPress Security Bypass (2.2.5)
WebLogic Improper Certificate Validation Vulnerability (CVE-2021-3450)