[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2024-47888":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":24,"aliases":25,"duplicate_of":9,"upstream":26,"downstream":27,"duplicates":46,"related":47,"reserved_at":9,"published_at":52,"modified_at":53,"state":54,"summary":55,"references_raw":64,"kevs":88,"epss":89,"epss_history":92,"metrics":363,"affected":370},"CVE-2024-47888","Action Text brings rich text content and editing to Rails. Starting in version 6.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the `plain_text_for_blockquote_node helper` in Action Text. Carefully crafted text can cause the `plain_text_for_blockquote_node` helper to take an unexpected amount of time, possibly resulting in a DoS vulnerability. All users running an affected release should either upgrade to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, or 7.2.1.1 or apply the relevant patch immediately. As a workaround, users can avoid calling `plain_text_for_blockquote_node` or upgrade to Ruby 3.2. Ruby 3.2 has mitigations for this problem, so Rails applications using Ruby 3.2 or newer are unaffected. Rails 8.0.0.beta1 depends on Ruby 3.2 or greater so is unaffected.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-1333","Inefficient Regular Expression Complexity","The product uses a regular expression with a worst-case computational complexity that is inefficient and possibly exponential.","weakness","Draft","Base","High",[20],{"id":21,"name":22,"techniques":23},"CAPEC-492","Regular Expression Exponential Blowup",[],[],[],[],[28,30,32,34,36,38,40,42,44],{"_key":29},"DLA-4383-1",{"_key":31},"OPENSUSE-SU-2024:14473-1",{"_key":33},"OPENSUSE-SU-2024:14479-1",{"_key":35},"OPENSUSE-SU-2025:15111-1",{"_key":37},"OPENSUSE-SU-2025:15124-1",{"_key":39},"DSA-5881-1",{"_key":41},"DEBIAN-CVE-2024-47888",{"_key":43},"UBUNTU-CVE-2024-47888",{"_key":45},"USN-7290-1",[],[48,49,50,51],{"_key":31},{"_key":33},{"_key":35},{"_key":37},"2024-10-16T20:31:06.037Z","2024-10-16T20:52:22.728Z","Deferred",{"cisa_kev":56,"cisa_ransomware":56,"cisa_vendor":9,"epss_severity":57,"epss_score":58,"severity":59,"severity_score":60,"severity_version":61,"severity_source":62,"severity_vector":63,"severity_status":54},false,"low",0.00476,"medium",6.6,"v4.0","cve.org","CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U",[65,71,76,80,84],{"url":66,"sources":67,"tags":69},"https://github.com/rails/rails/security/advisories/GHSA-wwhv-wxv9-rpgw",[62,68],"nvd",[70],"X Refsource CONFIRM",{"url":72,"sources":73,"tags":74},"https://github.com/rails/rails/commit/4f4312b21a6448336de7c7ab0c4d94b378def468",[62,68],[75],"X Refsource MISC",{"url":77,"sources":78,"tags":79},"https://github.com/rails/rails/commit/727b0946c3cab04b825c039435eac963d4e91822",[62,68],[75],{"url":81,"sources":82,"tags":83},"https://github.com/rails/rails/commit/ba286c0a310b7f19cf5cac2a7a4c9def5cf9882e",[62,68],[75],{"url":85,"sources":86,"tags":87},"https://github.com/rails/rails/commit/de0df7caebd9cb238a6f10dca462dc5f8d5e98b5",[62,68],[75],[],{"date":90,"score":58,"percentile":91},"2026-06-04",0.65211,[93,97,100,103,106,109,112,115,118,121,124,127,130,133,136,140,143,146,148,150,154,158,161,164,166,169,172,175,179,182,186,190,193,196,199,202,205,208,211,214,217,220,223,225,228,231,234,237,240,243,246,249,252,255,258,261,264,267,270,273,276,279,282,285,288,291,294,297,300,303,306,309,311,314,316,319,321,325,328,331,334,337,340,343,345,348,351,354,356,359],{"date":94,"score":95,"percentile":96},"2025-11-04",0.0041,0.60615,{"date":98,"score":95,"percentile":99},"2025-11-05",0.606,{"date":101,"score":95,"percentile":102},"2025-11-06",0.60603,{"date":104,"score":95,"percentile":105},"2025-11-07",0.60617,{"date":107,"score":95,"percentile":108},"2025-11-08",0.6062,{"date":110,"score":95,"percentile":111},"2025-11-09",0.60616,{"date":113,"score":95,"percentile":114},"2025-11-10",0.60592,{"date":116,"score":95,"percentile":117},"2025-11-11",0.60606,{"date":119,"score":95,"percentile":120},"2025-11-12",0.60631,{"date":122,"score":95,"percentile":123},"2025-11-13",0.6064,{"date":125,"score":95,"percentile":126},"2025-11-14",0.60649,{"date":128,"score":95,"percentile":129},"2025-11-15",0.60639,{"date":131,"score":95,"percentile":132},"2025-11-16",0.60626,{"date":134,"score":95,"percentile":135},"2025-11-17",0.60627,{"date":137,"score":138,"percentile":139},"2025-11-18",0.01546,0.79826,{"date":141,"score":138,"percentile":142},"2025-11-19",0.7983,{"date":144,"score":138,"percentile":145},"2025-11-20",0.79837,{"date":147,"score":95,"percentile":123},"2025-11-21",{"date":149,"score":95,"percentile":123},"2025-11-22",{"date":151,"score":152,"percentile":153},"2025-11-23",0.00401,0.60006,{"date":155,"score":156,"percentile":157},"2025-11-24",0.0035,0.56789,{"date":159,"score":156,"percentile":160},"2025-11-25",0.56793,{"date":162,"score":156,"percentile":163},"2025-11-26",0.56797,{"date":165,"score":156,"percentile":163},"2025-11-27",{"date":167,"score":156,"percentile":168},"2025-11-28",0.56772,{"date":170,"score":156,"percentile":171},"2025-11-29",0.56761,{"date":173,"score":156,"percentile":174},"2025-11-30",0.56752,{"date":176,"score":177,"percentile":178},"2025-12-01",0.00177,0.39523,{"date":180,"score":177,"percentile":181},"2025-12-02",0.39532,{"date":183,"score":184,"percentile":185},"2025-12-03",0.00182,0.40161,{"date":187,"score":188,"percentile":189},"2025-12-04",0.0036,0.57431,{"date":191,"score":188,"percentile":192},"2025-12-05",0.57444,{"date":194,"score":188,"percentile":195},"2025-12-06",0.57443,{"date":197,"score":188,"percentile":198},"2025-12-07",0.5744,{"date":200,"score":188,"percentile":201},"2025-12-08",0.57441,{"date":203,"score":188,"percentile":204},"2025-12-09",0.57466,{"date":206,"score":188,"percentile":207},"2025-12-10",0.57521,{"date":209,"score":188,"percentile":210},"2025-12-11",0.57546,{"date":212,"score":188,"percentile":213},"2025-12-12",0.5757,{"date":215,"score":188,"percentile":216},"2025-12-13",0.57567,{"date":218,"score":188,"percentile":219},"2025-12-14",0.57569,{"date":221,"score":188,"percentile":222},"2025-12-15",0.57553,{"date":224,"score":188,"percentile":216},"2025-12-16",{"date":226,"score":156,"percentile":227},"2025-12-17",0.56909,{"date":229,"score":156,"percentile":230},"2025-12-18",0.56949,{"date":232,"score":156,"percentile":233},"2025-12-19",0.56957,{"date":235,"score":156,"percentile":236},"2025-12-20",0.56952,{"date":238,"score":156,"percentile":239},"2025-12-21",0.56932,{"date":241,"score":156,"percentile":242},"2025-12-22",0.56914,{"date":244,"score":156,"percentile":245},"2025-12-23",0.5692,{"date":247,"score":156,"percentile":248},"2025-12-24",0.56929,{"date":250,"score":156,"percentile":251},"2025-12-25",0.56973,{"date":253,"score":156,"percentile":254},"2025-12-26",0.56969,{"date":256,"score":156,"percentile":257},"2025-12-27",0.57021,{"date":259,"score":156,"percentile":260},"2025-12-28",0.56941,{"date":262,"score":156,"percentile":263},"2025-12-29",0.56933,{"date":265,"score":156,"percentile":266},"2025-12-30",0.5693,{"date":268,"score":156,"percentile":269},"2025-12-31",0.56947,{"date":271,"score":177,"percentile":272},"2026-01-01",0.39685,{"date":274,"score":177,"percentile":275},"2026-01-02",0.39661,{"date":277,"score":177,"percentile":278},"2026-01-03",0.39653,{"date":280,"score":156,"percentile":281},"2026-01-04",0.56919,{"date":283,"score":156,"percentile":284},"2026-01-05",0.56907,{"date":286,"score":156,"percentile":287},"2026-01-06",0.56917,{"date":289,"score":156,"percentile":290},"2026-01-07",0.56944,{"date":292,"score":156,"percentile":293},"2026-01-08",0.56962,{"date":295,"score":156,"percentile":296},"2026-01-09",0.56963,{"date":298,"score":156,"percentile":299},"2026-01-10",0.56961,{"date":301,"score":156,"percentile":302},"2026-01-11",0.56939,{"date":304,"score":156,"percentile":305},"2026-01-12",0.56904,{"date":307,"score":156,"percentile":308},"2026-01-13",0.56875,{"date":310,"score":156,"percentile":287},"2026-01-14",{"date":312,"score":156,"percentile":313},"2026-01-15",0.56921,{"date":315,"score":156,"percentile":269},"2026-01-16",{"date":317,"score":156,"percentile":318},"2026-01-17",0.56938,{"date":320,"score":156,"percentile":302},"2026-01-18",{"date":322,"score":323,"percentile":324},"2026-01-19",0.00381,0.58945,{"date":326,"score":323,"percentile":327},"2026-01-20",0.58951,{"date":329,"score":323,"percentile":330},"2026-01-21",0.58953,{"date":332,"score":323,"percentile":333},"2026-01-22",0.58956,{"date":335,"score":323,"percentile":336},"2026-01-23",0.58999,{"date":338,"score":323,"percentile":339},"2026-01-24",0.59006,{"date":341,"score":323,"percentile":342},"2026-01-25",0.58967,{"date":344,"score":323,"percentile":330},"2026-01-26",{"date":346,"score":323,"percentile":347},"2026-01-27",0.58963,{"date":349,"score":323,"percentile":350},"2026-01-28",0.58971,{"date":352,"score":323,"percentile":353},"2026-01-29",0.58972,{"date":355,"score":323,"percentile":353},"2026-01-30",{"date":357,"score":323,"percentile":358},"2026-01-31",0.58975,{"date":360,"score":361,"percentile":362},"2026-02-01",0.00192,0.4124,[364,367],{"source":62,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":9,"cvss_v4_0":365},{"baseScore":60,"baseSeverity":366,"vectorString":63,"impactScore":9,"exploitabilityScore":9},"MEDIUM",{"source":68,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":9,"cvss_v4_0":368},{"baseScore":60,"baseSeverity":366,"vectorString":369,"impactScore":9,"exploitabilityScore":9},"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",[371],{"ecosystem":9,"name":372,"vendor":372,"product":372,"cpe_part":373,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":374},"rails","a",[375,382,386,390],{"version":376,"is_range":377,"range_type":62,"version_start":378,"version_start_type":379,"version_end":380,"version_end_type":381,"fixed_in":9},">= 6.0.0, \u003C 6.1.7.9",true,"6.0.0","including","6.1.7.9","excluding",{"version":383,"is_range":377,"range_type":62,"version_start":384,"version_start_type":379,"version_end":385,"version_end_type":381,"fixed_in":9},">= 7.0.0, \u003C 7.0.8.5","7.0.0","7.0.8.5",{"version":387,"is_range":377,"range_type":62,"version_start":388,"version_start_type":379,"version_end":389,"version_end_type":381,"fixed_in":9},">= 7.1.0, \u003C 7.1.4.1","7.1.0","7.1.4.1",{"version":391,"is_range":377,"range_type":62,"version_start":392,"version_start_type":379,"version_end":393,"version_end_type":381,"fixed_in":9},">= 7.2.0, \u003C 7.2.1.1","7.2.0","7.2.1.1"]