ReDoS based DoS vulnerability in Active Support's underscore
Description
There is a possible regular expression based DoS vulnerability in Active Support. A specially crafted string passed to the underscore method can cause the regular expression engine to enter a state of catastrophic backtracking. This can cause the process to use large amounts of CPU and memory, leading to a possible DoS vulnerability. This affects `String#underscore`, `ActiveSupport::Inflector.underscore`, `String#titleize`, and any other methods using these. All users running an affected release should either upgrade or use one of the workarounds immediately.