ReDoS (Ruby, Time)
Severity: High
## Vulnerability Details
I reported it at https://hackerone.com/reports/1485501
https://www.ruby-lang.org/en/news/2023/03/30/redos-in-time-cve-2023-28756/
> The Time parser mishandles invalid strings that have specific characters. It causes an increase in execution time for parsing strings to Time objects.
> A ReDoS issue was discovered in the Time gem 0.1.0 and 0.2.1 and Time library of Ruby 2.7.7.
## Impact
The ReDoS is reachable wherever `Time.rfc2822` is called on user-controlled input.
`Rack::ConditionalGet` parses the `If-Modified-Since` request header with `Time.rfc2822`, so the slow path can be triggered from an ordinary HTTP request.
Rails includes `::Rack::ConditionalGet` in its default middleware stack, so a Rails application can be attacked by any client that sends a request.
## Report Stats
- Report ID: 1929567
- State: Closed
- Substate: resolved
- Upvotes: 51