A vulnerability in the Ruby websocket-extensions module that supports the implementation of WebSocket extensions is related to spending quadratic time parsing a header containing an unclosed string parameter value, which is a repeating two-byte sequence of backslash and some of backslash and some other character. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of…Read More