QwikSec

Security Database

CVE

CWE

Training

CVE-2024-0241

Published: Jan 4, 2024

Modified: May 14, 2026

PUBLISHED

Description

encoded_id-rails versions before 1.0.0.beta2 are affected by an uncontrolled resource consumption vulnerability. A remote and unauthenticated attacker might cause a denial of service condition by sending an HTTP request with an extremely long "id" parameter.

Vendor	Product	Versions
Unknown	encoded_id-rails	affected `0 - < 1.0.0.beta2`

Weaknesses (CWE)

References

https://github.com/stevegeek/encoded_id-rails/security/advisories/GHSA-3px7-jm2p-6h2c

vendor-advisory

https://github.com/stevegeek/encoded_id-rails/commit/afa495a77b8a21ad582611f9cdc2081dc4018b91

patch

https://github.com/advisories/GHSA-3px7-jm2p-6h2c

third-party-advisory

https://vulncheck.com/advisories/vc-advisory-GHSA-3px7-jm2p-6h2c

third-party-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.