Количество 16
Количество 16
CVE-2024-49761
REXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReDoS vulnerability when it parses an XML that has many digits between &# and x...; in a hex numeric character reference (&#x...;). This does not happen with Ruby 3.2 or later. Ruby 3.1 is the only affected maintained Ruby. The REXML gem 3.3.9 or later include the patch to fix the vulnerability.
CVE-2024-49761
REXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReDoS vulnerability when it parses an XML that has many digits between &# and x...; in a hex numeric character reference (&#x...;). This does not happen with Ruby 3.2 or later. Ruby 3.1 is the only affected maintained Ruby. The REXML gem 3.3.9 or later include the patch to fix the vulnerability.
CVE-2024-49761
REXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReDoS vulnerability when it parses an XML that has many digits between &# and x...; in a hex numeric character reference (&#x...;). This does not happen with Ruby 3.2 or later. Ruby 3.1 is the only affected maintained Ruby. The REXML gem 3.3.9 or later include the patch to fix the vulnerability.
CVE-2024-49761
REXML ReDoS vulnerability
CVE-2024-49761
REXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReD ...
ROS-20241112-06
Уязвимость rubygem-rexml
RLSA-2024:10858
Important: ruby security update
GHSA-2rxp-v6pw-ch6m
REXML ReDoS vulnerability
ELSA-2025-11047
ELSA-2025-11047: pcs security update (MODERATE)
ELSA-2024-10860
ELSA-2024-10860: ruby:3.1 security update (IMPORTANT)
ELSA-2024-10858
ELSA-2024-10858: ruby security update (IMPORTANT)
ELSA-2024-10850
ELSA-2024-10850: ruby:2.5 security update (IMPORTANT)
ELSA-2024-10834
ELSA-2024-10834: ruby:3.1 security update (IMPORTANT)
BDU:2024-09876
Уязвимость набора инструментов XML для Ruby REXML, связанная с использованием регулярного выражения c неэффективной вычислительной сложностью, позволяющая нарушителю выполнить атаку типа «отказ в обслуживании»
SUSE-SU-2025:0736-1
Security update for ruby2.5
openSUSE-SU-2025:0129-1
Security update for rubygem-rexml
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-49761 REXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReDoS vulnerability when it parses an XML that has many digits between &# and x...; in a hex numeric character reference (&#x...;). This does not happen with Ruby 3.2 or later. Ruby 3.1 is the only affected maintained Ruby. The REXML gem 3.3.9 or later include the patch to fix the vulnerability. | CVSS3: 7.5 | 1% Низкий | около 1 года назад |
 | CVE-2024-49761 REXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReDoS vulnerability when it parses an XML that has many digits between &# and x...; in a hex numeric character reference (&#x...;). This does not happen with Ruby 3.2 or later. Ruby 3.1 is the only affected maintained Ruby. The REXML gem 3.3.9 or later include the patch to fix the vulnerability. | CVSS3: 7.5 | 1% Низкий | около 1 года назад |
 | CVE-2024-49761 REXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReDoS vulnerability when it parses an XML that has many digits between &# and x...; in a hex numeric character reference (&#x...;). This does not happen with Ruby 3.2 or later. Ruby 3.1 is the only affected maintained Ruby. The REXML gem 3.3.9 or later include the patch to fix the vulnerability. | CVSS3: 7.5 | 1% Низкий | около 1 года назад |
 | CVE-2024-49761 REXML ReDoS vulnerability | CVSS3: 7.5 | 1% Низкий | 11 месяцев назад |
| CVE-2024-49761 REXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReD ... | CVSS3: 7.5 | 1% Низкий | около 1 года назад |
 | ROS-20241112-06 Уязвимость rubygem-rexml | CVSS3: 7.5 | 1% Низкий | 12 месяцев назад |
 | RLSA-2024:10858 Important: ruby security update | 1% Низкий | 8 месяцев назад | |
| GHSA-2rxp-v6pw-ch6m REXML ReDoS vulnerability | CVSS3: 7.5 | 1% Низкий | около 1 года назад |
| ELSA-2025-11047 ELSA-2025-11047: pcs security update (MODERATE) | 4 месяца назад | ||
| ELSA-2024-10860 ELSA-2024-10860: ruby:3.1 security update (IMPORTANT) | 11 месяцев назад | ||
| ELSA-2024-10858 ELSA-2024-10858: ruby security update (IMPORTANT) | 11 месяцев назад | ||
| ELSA-2024-10850 ELSA-2024-10850: ruby:2.5 security update (IMPORTANT) | 11 месяцев назад | ||
| ELSA-2024-10834 ELSA-2024-10834: ruby:3.1 security update (IMPORTANT) | 11 месяцев назад | ||
 | BDU:2024-09876 Уязвимость набора инструментов XML для Ruby REXML, связанная с использованием регулярного выражения c неэффективной вычислительной сложностью, позволяющая нарушителю выполнить атаку типа «отказ в обслуживании» | CVSS3: 7.5 | 1% Низкий | около 1 года назад |
 | SUSE-SU-2025:0736-1 Security update for ruby2.5 | 9 месяцев назад | ||
| openSUSE-SU-2025:0129-1 Security update for rubygem-rexml | 7 месяцев назад |
Уязвимостей на страницу