Количество 19
Количество 19
GHSA-vmwr-mc7x-5vc3
REXML denial of service vulnerability
CVE-2024-43398
REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS vulnerability when it parses an XML that has many deep elements that have same local name attributes. If you need to parse untrusted XMLs with tree parser API like REXML::Document.new, you may be impacted to this vulnerability. If you use other parser APIs such as stream parser API and SAX2 parser API, this vulnerability is not affected. The REXML gem 3.3.6 or later include the patch to fix the vulnerability.
CVE-2024-43398
REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS vulnerability when it parses an XML that has many deep elements that have same local name attributes. If you need to parse untrusted XMLs with tree parser API like REXML::Document.new, you may be impacted to this vulnerability. If you use other parser APIs such as stream parser API and SAX2 parser API, this vulnerability is not affected. The REXML gem 3.3.6 or later include the patch to fix the vulnerability.
CVE-2024-43398
REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS vulnerability when it parses an XML that has many deep elements that have same local name attributes. If you need to parse untrusted XMLs with tree parser API like REXML::Document.new, you may be impacted to this vulnerability. If you use other parser APIs such as stream parser API and SAX2 parser API, this vulnerability is not affected. The REXML gem 3.3.6 or later include the patch to fix the vulnerability.
CVE-2024-43398
CVE-2024-43398
REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS ...
BDU:2024-07430
Уязвимость набора инструментов XML для Ruby REXML, связанная с неправильным ограничением рекурсивных ссылок на сущности в DTD, позволяющая нарушителю вызвать отказ в обслуживании
ELSA-2024-6670
ELSA-2024-6670: pcs security update (MODERATE)
RLSA-2024:6785
Moderate: ruby:3.3 security update
RLSA-2024:6784
Moderate: ruby:3.3 security update
ELSA-2024-6785
ELSA-2024-6785: ruby:3.3 security update (MODERATE)
ELSA-2024-6784
ELSA-2024-6784: ruby:3.3 security update (MODERATE)
SUSE-SU-2024:3874-1
Security update for ruby2.5
openSUSE-SU-2025:0129-1
Security update for rubygem-rexml
ROS-20240918-12
Множественные уязвимости rubygem-rexml
RLSA-2025:4488
Moderate: ruby:3.1 security update
RLSA-2025:4063
Moderate: ruby:3.1 security update
ELSA-2025-4488
ELSA-2025-4488: ruby:3.1 security update (MODERATE)
ELSA-2025-4063
ELSA-2025-4063: ruby:3.1 security update (MODERATE)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-vmwr-mc7x-5vc3 REXML denial of service vulnerability | CVSS3: 5.9 | 1% Низкий | больше 1 года назад |
 | CVE-2024-43398 REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS vulnerability when it parses an XML that has many deep elements that have same local name attributes. If you need to parse untrusted XMLs with tree parser API like REXML::Document.new, you may be impacted to this vulnerability. If you use other parser APIs such as stream parser API and SAX2 parser API, this vulnerability is not affected. The REXML gem 3.3.6 or later include the patch to fix the vulnerability. | CVSS3: 5.9 | 1% Низкий | больше 1 года назад |
 | CVE-2024-43398 REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS vulnerability when it parses an XML that has many deep elements that have same local name attributes. If you need to parse untrusted XMLs with tree parser API like REXML::Document.new, you may be impacted to this vulnerability. If you use other parser APIs such as stream parser API and SAX2 parser API, this vulnerability is not affected. The REXML gem 3.3.6 or later include the patch to fix the vulnerability. | CVSS3: 5.9 | 1% Низкий | больше 1 года назад |
 | CVE-2024-43398 REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS vulnerability when it parses an XML that has many deep elements that have same local name attributes. If you need to parse untrusted XMLs with tree parser API like REXML::Document.new, you may be impacted to this vulnerability. If you use other parser APIs such as stream parser API and SAX2 parser API, this vulnerability is not affected. The REXML gem 3.3.6 or later include the patch to fix the vulnerability. | CVSS3: 5.9 | 1% Низкий | больше 1 года назад |
 | CVSS3: 5.9 | 1% Низкий | около 1 года назад | |
| CVE-2024-43398 REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS ... | CVSS3: 5.9 | 1% Низкий | больше 1 года назад |
 | BDU:2024-07430 Уязвимость набора инструментов XML для Ruby REXML, связанная с неправильным ограничением рекурсивных ссылок на сущности в DTD, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 5.9 | 1% Низкий | больше 1 года назад |
| ELSA-2024-6670 ELSA-2024-6670: pcs security update (MODERATE) | больше 1 года назад | ||
 | RLSA-2024:6785 Moderate: ruby:3.3 security update | больше 1 года назад | ||
| RLSA-2024:6784 Moderate: ruby:3.3 security update | больше 1 года назад | ||
| ELSA-2024-6785 ELSA-2024-6785: ruby:3.3 security update (MODERATE) | больше 1 года назад | ||
| ELSA-2024-6784 ELSA-2024-6784: ruby:3.3 security update (MODERATE) | больше 1 года назад | ||
 | SUSE-SU-2024:3874-1 Security update for ruby2.5 | около 1 года назад | ||
| openSUSE-SU-2025:0129-1 Security update for rubygem-rexml | 9 месяцев назад | ||
 | ROS-20240918-12 Множественные уязвимости rubygem-rexml | CVSS3: 7.5 | больше 1 года назад | |
| RLSA-2025:4488 Moderate: ruby:3.1 security update | 6 месяцев назад | ||
| RLSA-2025:4063 Moderate: ruby:3.1 security update | 6 месяцев назад | ||
| ELSA-2025-4488 ELSA-2025-4488: ruby:3.1 security update (MODERATE) | 9 месяцев назад | ||
| ELSA-2025-4063 ELSA-2025-4063: ruby:3.1 security update (MODERATE) | 9 месяцев назад |
Уязвимостей на страницу