actionpack/test/controller/http_token_authentication_test.rb · 0d304eae601f085274b2e2c04316e025b443da62 · Rails relative code / rails-deleted-2

May 04, 2021

Aaron Patterson authored May 04, 2021

The old regex could take too long when parsing an authorization header,
and this could potentially cause a DoS vulnerability

[CVE-2021-22904]

d861fa8a

Aaron Patterson authored May 04, 2021

The old regex could take too long when parsing an authorization header,
and this could potentially cause a DoS vulnerability

[CVE-2021-22904]