
Asac

#35770 of 53,622
7.5 Total CVSS
Vulnerabilities · 1
PT-2017-13213
7.5
2017-09-16
Ruby · Ruby · CVE-2017-14033
**Name of the Vulnerable Software and Affected Versions**

- Ruby versions prior to 2.2.8
- Ruby versions 2.3.x prior to 2.3.5
- Ruby versions 2.4.x through 2.4.1

**Description**

The issue allows attackers to cause a denial of service, resulting in an interpreter crash, via a crafted string. This is due to a problem in the decode method of the OpenSSL::ASN1 module in Ruby.

**Recommendations**

For Ruby versions prior to 2.2.8, update to version 2.2.8 or later.

For Ruby versions 2.3.x prior to 2.3.5, update to version 2.3.5 or later.

For Ruby versions 2.4.x through 2.4.1, update to a version later than 2.4.1.

As a temporary workaround, consider disabling the `decode` method in the `OpenSSL::ASN1` module until a patch is available.