Количество 20
Количество 20
GHSA-2rxp-v6pw-ch6m
REXML ReDoS vulnerability
CVE-2024-49761
REXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReDoS vulnerability when it parses an XML that has many digits between &# and x...; in a hex numeric character reference (&#x...;). This does not happen with Ruby 3.2 or later. Ruby 3.1 is the only affected maintained Ruby. The REXML gem 3.3.9 or later include the patch to fix the vulnerability.
CVE-2024-49761
REXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReDoS vulnerability when it parses an XML that has many digits between &# and x...; in a hex numeric character reference (&#x...;). This does not happen with Ruby 3.2 or later. Ruby 3.1 is the only affected maintained Ruby. The REXML gem 3.3.9 or later include the patch to fix the vulnerability.
CVE-2024-49761
REXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReDoS vulnerability when it parses an XML that has many digits between &# and x...; in a hex numeric character reference (&#x...;). This does not happen with Ruby 3.2 or later. Ruby 3.1 is the only affected maintained Ruby. The REXML gem 3.3.9 or later include the patch to fix the vulnerability.
CVE-2024-49761
CVE-2024-49761
REXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReD ...
RLSA-2024:10860
Important: ruby:3.1 security update
RLSA-2024:10858
Important: ruby security update
RLSA-2024:10850
Important: ruby:2.5 security update
RLSA-2024:10834
Important: ruby:3.1 security update
ELSA-2025-11047
ELSA-2025-11047: pcs security update (MODERATE)
ELSA-2024-10860
ELSA-2024-10860: ruby:3.1 security update (IMPORTANT)
ELSA-2024-10858
ELSA-2024-10858: ruby security update (IMPORTANT)
ELSA-2024-10850
ELSA-2024-10850: ruby:2.5 security update (IMPORTANT)
ELSA-2024-10834
ELSA-2024-10834: ruby:3.1 security update (IMPORTANT)
BDU:2024-09876
Уязвимость набора инструментов XML для Ruby REXML, связанная с использованием регулярного выражения c неэффективной вычислительной сложностью, позволяющая нарушителю выполнить атаку типа «отказ в обслуживании»
SUSE-SU-2025:0736-1
Security update for ruby2.5
ROS-20241112-06
Уязвимость rubygem-rexml
openSUSE-SU-2025:0129-1
Security update for rubygem-rexml
SUSE-SU-2025:4264-1
Security update for ruby2.5
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-2rxp-v6pw-ch6m REXML ReDoS vulnerability | CVSS3: 7.5 | 1% Низкий | около 1 года назад |
 | CVE-2024-49761 REXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReDoS vulnerability when it parses an XML that has many digits between &# and x...; in a hex numeric character reference (&#x...;). This does not happen with Ruby 3.2 or later. Ruby 3.1 is the only affected maintained Ruby. The REXML gem 3.3.9 or later include the patch to fix the vulnerability. | CVSS3: 7.5 | 1% Низкий | около 1 года назад |
 | CVE-2024-49761 REXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReDoS vulnerability when it parses an XML that has many digits between &# and x...; in a hex numeric character reference (&#x...;). This does not happen with Ruby 3.2 or later. Ruby 3.1 is the only affected maintained Ruby. The REXML gem 3.3.9 or later include the patch to fix the vulnerability. | CVSS3: 7.5 | 1% Низкий | около 1 года назад |
 | CVE-2024-49761 REXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReDoS vulnerability when it parses an XML that has many digits between &# and x...; in a hex numeric character reference (&#x...;). This does not happen with Ruby 3.2 or later. Ruby 3.1 is the only affected maintained Ruby. The REXML gem 3.3.9 or later include the patch to fix the vulnerability. | CVSS3: 7.5 | 1% Низкий | около 1 года назад |
 | CVSS3: 7.5 | 1% Низкий | около 1 года назад | |
| CVE-2024-49761 REXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReD ... | CVSS3: 7.5 | 1% Низкий | около 1 года назад |
 | RLSA-2024:10860 Important: ruby:3.1 security update | 1% Низкий | около 1 года назад | |
| RLSA-2024:10858 Important: ruby security update | 1% Низкий | 10 месяцев назад | |
| RLSA-2024:10850 Important: ruby:2.5 security update | 1% Низкий | около 1 года назад | |
| RLSA-2024:10834 Important: ruby:3.1 security update | 1% Низкий | около 1 года назад | |
| ELSA-2025-11047 ELSA-2025-11047: pcs security update (MODERATE) | 6 месяцев назад | ||
| ELSA-2024-10860 ELSA-2024-10860: ruby:3.1 security update (IMPORTANT) | около 1 года назад | ||
| ELSA-2024-10858 ELSA-2024-10858: ruby security update (IMPORTANT) | около 1 года назад | ||
| ELSA-2024-10850 ELSA-2024-10850: ruby:2.5 security update (IMPORTANT) | около 1 года назад | ||
| ELSA-2024-10834 ELSA-2024-10834: ruby:3.1 security update (IMPORTANT) | около 1 года назад | ||
 | BDU:2024-09876 Уязвимость набора инструментов XML для Ruby REXML, связанная с использованием регулярного выражения c неэффективной вычислительной сложностью, позволяющая нарушителю выполнить атаку типа «отказ в обслуживании» | CVSS3: 7.5 | 1% Низкий | около 1 года назад |
 | SUSE-SU-2025:0736-1 Security update for ruby2.5 | 11 месяцев назад | ||
 | ROS-20241112-06 Уязвимость rubygem-rexml | CVSS3: 7.5 | 1% Низкий | около 1 года назад |
| openSUSE-SU-2025:0129-1 Security update for rubygem-rexml | 9 месяцев назад | ||
| SUSE-SU-2025:4264-1 Security update for ruby2.5 | около 2 месяцев назад |
Уязвимостей на страницу