Уязвимость CVE-2024-49761

CVE-2024-49761

CVSS3: 7.5

ubuntu

около 1 года назад

REXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReDoS vulnerability when it parses an XML that has many digits between &# and x...; in a hex numeric character reference (&#x...;). This does not happen with Ruby 3.2 or later. Ruby 3.1 is the only affected maintained Ruby. The REXML gem 3.3.9 or later include the patch to fix the vulnerability.

CVE-2024-49761

CVSS3: 7.5

redhat

около 1 года назад

REXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReDoS vulnerability when it parses an XML that has many digits between &# and x...; in a hex numeric character reference (&#x...;). This does not happen with Ruby 3.2 or later. Ruby 3.1 is the only affected maintained Ruby. The REXML gem 3.3.9 or later include the patch to fix the vulnerability.

CVE-2024-49761

CVSS3: 7.5

nvd

около 1 года назад

REXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReDoS vulnerability when it parses an XML that has many digits between &# and x...; in a hex numeric character reference (&#x...;). This does not happen with Ruby 3.2 or later. Ruby 3.1 is the only affected maintained Ruby. The REXML gem 3.3.9 or later include the patch to fix the vulnerability.

CVE-2024-49761

CVSS3: 7.5

debian

около 1 года назад

REXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReD ...

ROS-20241112-06

CVSS3: 7.5

redos

12 месяцев назад

Уязвимость rubygem-rexml

exploitDog

CVE-2024-49761

Описание

Связанные уязвимости