[CVE-2023-22796] Possible ReDoS based DoS vulnerability in Active Support’s underscore

I reported at https://hackerone.com/reports/1681972 https://discuss.rubyonrails.org/t/cve-2023-22796-possible-redos-based-dos-vulnerability-in-active-supports-underscore/82116 > A specially crafted string passed to the underscore method can cause the regular expression engine to enter a state of catastrophic backtracking. This can cause the process to use large amounts of CPU and memory, leading to a possible DoS vulnerability. > This affects String#underscore, ActiveSupport::Inflector.underscore, String#titleize, and any other methods using these. > All users running an affected release should either upgrade or use one of the workarounds immediately. ## Impact ReDoS when `.underscore` uses user input. Also, `titleize`, `tableize`, and `foreign_key` using `.underscore` will also have the same problem.