Количество 15
Количество 15
GHSA-vmwr-mc7x-5vc3
REXML denial of service vulnerability
CVE-2024-43398
REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS vulnerability when it parses an XML that has many deep elements that have same local name attributes. If you need to parse untrusted XMLs with tree parser API like REXML::Document.new, you may be impacted to this vulnerability. If you use other parser APIs such as stream parser API and SAX2 parser API, this vulnerability is not affected. The REXML gem 3.3.6 or later include the patch to fix the vulnerability.
CVE-2024-43398
REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS vulnerability when it parses an XML that has many deep elements that have same local name attributes. If you need to parse untrusted XMLs with tree parser API like REXML::Document.new, you may be impacted to this vulnerability. If you use other parser APIs such as stream parser API and SAX2 parser API, this vulnerability is not affected. The REXML gem 3.3.6 or later include the patch to fix the vulnerability.
CVE-2024-43398
REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS vulnerability when it parses an XML that has many deep elements that have same local name attributes. If you need to parse untrusted XMLs with tree parser API like REXML::Document.new, you may be impacted to this vulnerability. If you use other parser APIs such as stream parser API and SAX2 parser API, this vulnerability is not affected. The REXML gem 3.3.6 or later include the patch to fix the vulnerability.
CVE-2024-43398
CVE-2024-43398
REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS ...
BDU:2024-07430
Уязвимость набора инструментов XML для Ruby REXML, связанная с неправильным ограничением рекурсивных ссылок на сущности в DTD, позволяющая нарушителю вызвать отказ в обслуживании
ROS-20240918-12
Множественные уязвимости rubygem-rexml
ELSA-2024-6670
ELSA-2024-6670: pcs security update (MODERATE)
ELSA-2024-6785
ELSA-2024-6785: ruby:3.3 security update (MODERATE)
ELSA-2024-6784
ELSA-2024-6784: ruby:3.3 security update (MODERATE)
SUSE-SU-2024:3874-1
Security update for ruby2.5
openSUSE-SU-2025:0129-1
Security update for rubygem-rexml
ELSA-2025-4488
ELSA-2025-4488: ruby:3.1 security update (MODERATE)
ELSA-2025-4063
ELSA-2025-4063: ruby:3.1 security update (MODERATE)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-vmwr-mc7x-5vc3 REXML denial of service vulnerability | CVSS3: 5.9 | 0% Низкий | 10 месяцев назад |
 | CVE-2024-43398 REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS vulnerability when it parses an XML that has many deep elements that have same local name attributes. If you need to parse untrusted XMLs with tree parser API like REXML::Document.new, you may be impacted to this vulnerability. If you use other parser APIs such as stream parser API and SAX2 parser API, this vulnerability is not affected. The REXML gem 3.3.6 or later include the patch to fix the vulnerability. | CVSS3: 5.9 | 0% Низкий | 10 месяцев назад |
 | CVE-2024-43398 REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS vulnerability when it parses an XML that has many deep elements that have same local name attributes. If you need to parse untrusted XMLs with tree parser API like REXML::Document.new, you may be impacted to this vulnerability. If you use other parser APIs such as stream parser API and SAX2 parser API, this vulnerability is not affected. The REXML gem 3.3.6 or later include the patch to fix the vulnerability. | CVSS3: 5.9 | 0% Низкий | 10 месяцев назад |
 | CVE-2024-43398 REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS vulnerability when it parses an XML that has many deep elements that have same local name attributes. If you need to parse untrusted XMLs with tree parser API like REXML::Document.new, you may be impacted to this vulnerability. If you use other parser APIs such as stream parser API and SAX2 parser API, this vulnerability is not affected. The REXML gem 3.3.6 or later include the patch to fix the vulnerability. | CVSS3: 5.9 | 0% Низкий | 10 месяцев назад |
 | CVSS3: 5.9 | 0% Низкий | 6 месяцев назад | |
| CVE-2024-43398 REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS ... | CVSS3: 5.9 | 0% Низкий | 10 месяцев назад |
 | BDU:2024-07430 Уязвимость набора инструментов XML для Ruby REXML, связанная с неправильным ограничением рекурсивных ссылок на сущности в DTD, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 5.9 | 0% Низкий | 10 месяцев назад |
 | ROS-20240918-12 Множественные уязвимости rubygem-rexml | CVSS3: 7.5 | 9 месяцев назад | |
| ELSA-2024-6670 ELSA-2024-6670: pcs security update (MODERATE) | 9 месяцев назад | ||
| ELSA-2024-6785 ELSA-2024-6785: ruby:3.3 security update (MODERATE) | 9 месяцев назад | ||
| ELSA-2024-6784 ELSA-2024-6784: ruby:3.3 security update (MODERATE) | 9 месяцев назад | ||
 | SUSE-SU-2024:3874-1 Security update for ruby2.5 | 8 месяцев назад | ||
| openSUSE-SU-2025:0129-1 Security update for rubygem-rexml | 2 месяца назад | ||
| ELSA-2025-4488 ELSA-2025-4488: ruby:3.1 security update (MODERATE) | около 2 месяцев назад | ||
| ELSA-2025-4063 ELSA-2025-4063: ruby:3.1 security update (MODERATE) | около 2 месяцев назад |
Уязвимостей на страницу