Vulnerability in Ruby-concurrency Concurrent-ruby
CVE-2026-54904
concurrent-ruby is a modern concurrency tools for Ruby. Prior to 1.3.7, Concurrent::AtomicReference#update can enter a permanent busy retry loop when the current value is Float::NAN. The issue is caused by the interaction between AtomicRef…
Affected products
- Ruby-concurrency Concurrent-ruby — versions < 1.3.7
Weakness classification (CWE)
References
- security-advisories@github.com (x_refsource_CONFIRM)