[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2023-22795":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":94,"aliases":95,"duplicate_of":9,"upstream":96,"downstream":97,"duplicates":116,"related":117,"reserved_at":9,"published_at":123,"modified_at":124,"state":125,"summary":126,"references_raw":135,"kevs":152,"epss":153,"epss_history":156,"metrics":421,"affected":427},"CVE-2023-22795","A regular expression based DoS vulnerability in Action Dispatch \u003C6.1.7.1 and \u003C7.0.4.1 related to the If-None-Match header. A specially crafted HTTP If-None-Match header can cause the regular expression engine to enter a state of catastrophic backtracking, when on a version of Ruby below 3.2.0. This can cause the process to use large amounts of CPU and memory, leading to a possible DoS vulnerability. All users running an affected release should either upgrade or use one of the workarounds immediately.",null,[11,24],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-1333","Inefficient Regular Expression Complexity","The product uses a regular expression with a worst-case computational complexity that is inefficient and possibly exponential.","weakness","Draft","Base","High",[20],{"id":21,"name":22,"techniques":23},"CAPEC-492","Regular Expression Exponential Blowup",[],{"_key":25,"id":25,"name":26,"description":27,"type":15,"status":16,"abstraction":28,"likelihood_of_exploit":18,"capec":29},"CWE-400","Uncontrolled Resource Consumption","The product does not properly control the allocation and maintenance of a limited resource.","Class",[30,34,92],{"id":31,"name":32,"techniques":33},"CAPEC-147","XML Ping of the Death",[],{"id":35,"name":36,"techniques":37},"CAPEC-227","Sustained Client Engagement",[38],{"id":39,"name":40,"tactics":41,"countermeasures":45},"T1499","Endpoint Denial of 
Service",[42],{"id":43,"name":44},"TA0105","Impact",[46,51,55,59,63,67,71,75,79,83,88],{"id":47,"name":48,"tactic":49},"D3-UGLPA","User Geolocation Logon Pattern Analysis",{"name":50},"Detect",{"id":52,"name":53,"tactic":54},"D3-PMAD","Protocol Metadata Anomaly Detection",{"name":50},{"id":56,"name":57,"tactic":58},"D3-CSPP","Client-server Payload Profiling",{"name":50},{"id":60,"name":61,"tactic":62},"D3-PHDURA","Per Host Download-Upload Ratio Analysis",{"name":50},{"id":64,"name":65,"tactic":66},"D3-NTSA","Network Traffic Signature Analysis",{"name":50},{"id":68,"name":69,"tactic":70},"D3-APCA","Application Protocol Command Analysis",{"name":50},{"id":72,"name":73,"tactic":74},"D3-NTCD","Network Traffic Community Deviation",{"name":50},{"id":76,"name":77,"tactic":78},"D3-RTSD","Remote Terminal Session Detection",{"name":50},{"id":80,"name":81,"tactic":82},"D3-ISVA","Inbound Session Volume Analysis",{"name":50},{"id":84,"name":85,"tactic":86},"D3-NTF","Network Traffic Filtering",{"name":87},"Isolate",{"id":89,"name":90,"tactic":91},"D3-ITF","Inbound Traffic 
Filtering",{"name":87},{"id":21,"name":22,"techniques":93},[],[],[],[],[98,100,102,104,106,108,110,112,114],{"_key":99},"SUSE-SU-2023:0442-1",{"_key":101},"SUSE-SU-2023:0444-1",{"_key":103},"OPENSUSE-SU-2024:12765-1",{"_key":105},"OPENSUSE-SU-2024:14067-1",{"_key":107},"OPENSUSE-SU-2025:15110-1",{"_key":109},"DSA-5372-1",{"_key":111},"DEBIAN-CVE-2023-22795",{"_key":113},"UBUNTU-CVE-2023-22795",{"_key":115},"RHSA-2023:6818",[],[118,119,120,121,122],{"_key":99},{"_key":101},{"_key":103},{"_key":105},{"_key":107},"2023-02-09T00:00:00.000Z","2024-08-02T10:20:30.901Z","Modified",{"cisa_kev":127,"cisa_ransomware":127,"cisa_vendor":9,"epss_severity":128,"epss_score":129,"severity":130,"severity_score":131,"severity_version":132,"severity_source":133,"severity_vector":134,"severity_status":125},false,"low",0.01304,"high",7.5,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",[136,143,148],{"url":137,"sources":138,"tags":140},"https://discuss.rubyonrails.org/t/cve-2023-22795-possible-redos-based-dos-vulnerability-in-action-dispatch/82118",[139,133],"cve.org",[141,142],"Patch","Vendor Advisory",{"url":144,"sources":145,"tags":146},"https://www.debian.org/security/2023/dsa-5372",[139,133],[142,147],"Third Party 
Advisory",{"url":149,"sources":150,"tags":151},"https://security.netapp.com/advisory/ntap-20240202-0010/",[139,133],[],[],{"date":154,"score":129,"percentile":155},"2026-06-04",0.80099,[157,161,164,167,170,173,176,179,182,185,188,191,194,197,200,204,207,210,213,216,219,221,224,227,230,233,235,237,241,244,247,249,252,254,257,260,263,266,269,272,275,277,280,283,286,289,292,295,298,301,303,306,309,312,316,319,322,325,327,331,334,337,340,343,346,348,351,354,357,360,362,364,367,369,372,375,378,380,383,386,389,392,395,398,402,405,408,411,414,417],{"date":158,"score":159,"percentile":160},"2025-11-04",0.0136,0.79519,{"date":162,"score":159,"percentile":163},"2025-11-05",0.79521,{"date":165,"score":159,"percentile":166},"2025-11-06",0.79523,{"date":168,"score":159,"percentile":169},"2025-11-07",0.79535,{"date":171,"score":159,"percentile":172},"2025-11-08",0.79542,{"date":174,"score":159,"percentile":175},"2025-11-09",0.79539,{"date":177,"score":159,"percentile":178},"2025-11-10",0.79527,{"date":180,"score":159,"percentile":181},"2025-11-11",0.7953,{"date":183,"score":159,"percentile":184},"2025-11-12",0.79546,{"date":186,"score":159,"percentile":187},"2025-11-13",0.79554,{"date":189,"score":159,"percentile":190},"2025-11-14",0.79561,{"date":192,"score":159,"percentile":193},"2025-11-15",0.79559,{"date":195,"score":159,"percentile":196},"2025-11-16",0.7956,{"date":198,"score":159,"percentile":199},"2025-11-17",0.79558,{"date":201,"score":202,"percentile":203},"2025-11-18",0.13461,0.93562,{"date":205,"score":202,"percentile":206},"2025-11-19",0.93565,{"date":208,"score":202,"percentile":209},"2025-11-20",0.93571,{"date":211,"score":159,"percentile":212},"2025-11-21",0.79579,{"date":214,"score":159,"percentile":215},"2025-11-22",0.79584,{"date":217,"score":159,"percentile":218},"2025-11-23",0.79575,{"date":220,"score":159,"percentile":218},"2025-11-24",{"date":222,"score":159,"percentile":223},"2025-11-25",0.79576,{"date":225,"score":159,"percentile":226},"2025-11-26",0.79578
,{"date":228,"score":159,"percentile":229},"2025-11-27",0.7958,{"date":231,"score":159,"percentile":232},"2025-11-28",0.79573,{"date":234,"score":159,"percentile":226},"2025-11-29",{"date":236,"score":159,"percentile":223},"2025-11-30",{"date":238,"score":239,"percentile":240},"2025-12-01",0.00732,0.72042,{"date":242,"score":239,"percentile":243},"2025-12-02",0.72055,{"date":245,"score":239,"percentile":246},"2025-12-03",0.72053,{"date":248,"score":159,"percentile":212},"2025-12-04",{"date":250,"score":159,"percentile":251},"2025-12-05",0.79583,{"date":253,"score":159,"percentile":215},"2025-12-06",{"date":255,"score":159,"percentile":256},"2025-12-07",0.79586,{"date":258,"score":159,"percentile":259},"2025-12-08",0.79591,{"date":261,"score":159,"percentile":262},"2025-12-09",0.79607,{"date":264,"score":159,"percentile":265},"2025-12-10",0.79633,{"date":267,"score":159,"percentile":268},"2025-12-11",0.79645,{"date":270,"score":159,"percentile":271},"2025-12-12",0.79663,{"date":273,"score":159,"percentile":274},"2025-12-13",0.79664,{"date":276,"score":159,"percentile":271},"2025-12-14",{"date":278,"score":159,"percentile":279},"2025-12-15",0.79662,{"date":281,"score":159,"percentile":282},"2025-12-16",0.79673,{"date":284,"score":159,"percentile":285},"2025-12-17",0.79683,{"date":287,"score":159,"percentile":288},"2025-12-18",0.79703,{"date":290,"score":159,"percentile":291},"2025-12-19",0.79713,{"date":293,"score":159,"percentile":294},"2025-12-20",0.79706,{"date":296,"score":159,"percentile":297},"2025-12-21",0.79698,{"date":299,"score":159,"percentile":300},"2025-12-22",0.79699,{"date":302,"score":159,"percentile":300},"2025-12-23",{"date":304,"score":159,"percentile":305},"2025-12-24",0.79714,{"date":307,"score":159,"percentile":308},"2025-12-25",0.79735,{"date":310,"score":159,"percentile":311},"2025-12-26",0.7973,{"date":313,"score":314,"percentile":315},"2025-12-27",0.01261,0.79006,{"date":317,"score":159,"percentile":318},"2025-12-28",0.79718,{"date":320,"scor
e":159,"percentile":321},"2025-12-29",0.79715,{"date":323,"score":159,"percentile":324},"2025-12-30",0.7972,{"date":326,"score":159,"percentile":308},"2025-12-31",{"date":328,"score":329,"percentile":330},"2026-01-01",0.00781,0.73292,{"date":332,"score":329,"percentile":333},"2026-01-02",0.7329,{"date":335,"score":329,"percentile":336},"2026-01-03",0.73289,{"date":338,"score":159,"percentile":339},"2026-01-04",0.79724,{"date":341,"score":159,"percentile":342},"2026-01-05",0.79722,{"date":344,"score":159,"percentile":345},"2026-01-06",0.79726,{"date":347,"score":159,"percentile":311},"2026-01-07",{"date":349,"score":159,"percentile":350},"2026-01-08",0.79739,{"date":352,"score":159,"percentile":353},"2026-01-09",0.79741,{"date":355,"score":159,"percentile":356},"2026-01-10",0.7974,{"date":358,"score":159,"percentile":359},"2026-01-11",0.79733,{"date":361,"score":159,"percentile":318},"2026-01-12",{"date":363,"score":159,"percentile":321},"2026-01-13",{"date":365,"score":159,"percentile":366},"2026-01-14",0.79736,{"date":368,"score":159,"percentile":350},"2026-01-15",{"date":370,"score":159,"percentile":371},"2026-01-16",0.79748,{"date":373,"score":159,"percentile":374},"2026-01-17",0.79756,{"date":376,"score":159,"percentile":377},"2026-01-18",0.79747,{"date":379,"score":159,"percentile":356},"2026-01-19",{"date":381,"score":159,"percentile":382},"2026-01-20",0.79742,{"date":384,"score":159,"percentile":385},"2026-01-21",0.7975,{"date":387,"score":159,"percentile":388},"2026-01-22",0.79761,{"date":390,"score":159,"percentile":391},"2026-01-23",0.7979,{"date":393,"score":159,"percentile":394},"2026-01-24",0.79801,{"date":396,"score":159,"percentile":397},"2026-01-25",0.79791,{"date":399,"score":400,"percentile":401},"2026-01-26",0.00934,0.75692,{"date":403,"score":400,"percentile":404},"2026-01-27",0.75691,{"date":406,"score":400,"percentile":407},"2026-01-28",0.75701,{"date":409,"score":400,"percentile":410},"2026-01-29",0.75698,{"date":412,"score":400,"percentile":4
13},"2026-01-30",0.75704,{"date":415,"score":400,"percentile":416},"2026-01-31",0.75703,{"date":418,"score":419,"percentile":420},"2026-02-01",0.00547,0.6746,[422],{"source":133,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":423,"cvss_v4_0":9},{"baseScore":131,"baseSeverity":424,"vectorString":134,"impactScore":425,"exploitabilityScore":426},"HIGH",6,10,[428,437],{"ecosystem":9,"name":429,"vendor":430,"product":431,"cpe_part":432,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":433},"debian linux","debian","debian_linux","o",[434],{"version":435,"is_range":127,"range_type":436,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"11.0","cpe",{"ecosystem":9,"name":438,"vendor":439,"product":438,"cpe_part":440,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":441},"rails","rubyonrails","a",[442,447],{"version":443,"is_range":444,"range_type":436,"version_start":9,"version_start_type":9,"version_end":445,"version_end_type":446,"fixed_in":9},"lt6.1.7.1",true,"6.1.7.1","excluding",{"version":448,"is_range":444,"range_type":436,"version_start":449,"version_start_type":450,"version_end":451,"version_end_type":446,"fixed_in":9},"gte7.0.0_lt7.0.4.1","7.0.0","including","7.0.4.1"]