ruby3.4-rubygem-globalid-1.2.1-1.7 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2025:16178 Final 1 1 2025-05-17T00:00:00Z current 2025-05-17T00:00:00Z 2025-05-17T00:00:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z ruby3.4-rubygem-globalid-1.2.1-1.7 on GA media These are all security issues fixed in the ruby3.4-rubygem-globalid-1.2.1-1.7 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2025-16178 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2023-22799/ SUSE CVE CVE-2023-22799 page openSUSE Tumbleweed ruby3.4-rubygem-globalid-1.2.1-1.7 ruby3.4-rubygem-globalid-1.2.1-1.7 as a component of openSUSE Tumbleweed A ReDoS based DoS vulnerability in the GlobalID <1.0.1 which could allow an attacker supplying a carefully crafted input can cause the regular expression engine to take an unexpected amount of time. All users running an affected release should either upgrade or use one of the workarounds immediately. CVE-2023-22799 openSUSE Tumbleweed:ruby3.4-rubygem-globalid-1.2.1-1.7 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-22799.html CVE-2023-22799 https://bugzilla.suse.com/1207587 SUSE Bug 1207587