Количество 14
Количество 14
CVE-2024-49761
REXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReDoS vulnerability when it parses an XML that has many digits between &# and x...; in a hex numeric character reference (&#x...;). This does not happen with Ruby 3.2 or later. Ruby 3.1 is the only affected maintained Ruby. The REXML gem 3.3.9 or later include the patch to fix the vulnerability.
CVE-2024-49761
REXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReDoS vulnerability when it parses an XML that has many digits between &# and x...; in a hex numeric character reference (&#x...;). This does not happen with Ruby 3.2 or later. Ruby 3.1 is the only affected maintained Ruby. The REXML gem 3.3.9 or later include the patch to fix the vulnerability.
CVE-2024-49761
REXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReDoS vulnerability when it parses an XML that has many digits between &# and x...; in a hex numeric character reference (&#x...;). This does not happen with Ruby 3.2 or later. Ruby 3.1 is the only affected maintained Ruby. The REXML gem 3.3.9 or later include the patch to fix the vulnerability.
CVE-2024-49761
CVE-2024-49761
REXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReD ...
ROS-20241112-06
Уязвимость rubygem-rexml
GHSA-2rxp-v6pw-ch6m
REXML ReDoS vulnerability
ELSA-2024-10860
ELSA-2024-10860: ruby:3.1 security update (IMPORTANT)
ELSA-2024-10858
ELSA-2024-10858: ruby security update (IMPORTANT)
ELSA-2024-10850
ELSA-2024-10850: ruby:2.5 security update (IMPORTANT)
ELSA-2024-10834
ELSA-2024-10834: ruby:3.1 security update (IMPORTANT)
BDU:2024-09876
Уязвимость набора инструментов XML для Ruby REXML, связанная с использованием регулярного выражения c неэффективной вычислительной сложностью, позволяющая нарушителю выполнить атаку типа «отказ в обслуживании»
SUSE-SU-2025:0736-1
Security update for ruby2.5
openSUSE-SU-2025:0129-1
Security update for rubygem-rexml
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-49761 REXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReDoS vulnerability when it parses an XML that has many digits between &# and x...; in a hex numeric character reference (&#x...;). This does not happen with Ruby 3.2 or later. Ruby 3.1 is the only affected maintained Ruby. The REXML gem 3.3.9 or later include the patch to fix the vulnerability. | CVSS3: 7.5 | 0% Низкий | 8 месяцев назад |
 | CVE-2024-49761 REXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReDoS vulnerability when it parses an XML that has many digits between &# and x...; in a hex numeric character reference (&#x...;). This does not happen with Ruby 3.2 or later. Ruby 3.1 is the only affected maintained Ruby. The REXML gem 3.3.9 or later include the patch to fix the vulnerability. | CVSS3: 7.5 | 0% Низкий | 8 месяцев назад |
 | CVE-2024-49761 REXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReDoS vulnerability when it parses an XML that has many digits between &# and x...; in a hex numeric character reference (&#x...;). This does not happen with Ruby 3.2 or later. Ruby 3.1 is the only affected maintained Ruby. The REXML gem 3.3.9 or later include the patch to fix the vulnerability. | CVSS3: 7.5 | 0% Низкий | 8 месяцев назад |
 | CVSS3: 7.5 | 0% Низкий | 7 месяцев назад | |
| CVE-2024-49761 REXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReD ... | CVSS3: 7.5 | 0% Низкий | 8 месяцев назад |
 | ROS-20241112-06 Уязвимость rubygem-rexml | CVSS3: 7.5 | 0% Низкий | 7 месяцев назад |
| GHSA-2rxp-v6pw-ch6m REXML ReDoS vulnerability | CVSS3: 7.5 | 0% Низкий | 8 месяцев назад |
| ELSA-2024-10860 ELSA-2024-10860: ruby:3.1 security update (IMPORTANT) | 7 месяцев назад | ||
| ELSA-2024-10858 ELSA-2024-10858: ruby security update (IMPORTANT) | 7 месяцев назад | ||
| ELSA-2024-10850 ELSA-2024-10850: ruby:2.5 security update (IMPORTANT) | 7 месяцев назад | ||
| ELSA-2024-10834 ELSA-2024-10834: ruby:3.1 security update (IMPORTANT) | 7 месяцев назад | ||
 | BDU:2024-09876 Уязвимость набора инструментов XML для Ruby REXML, связанная с использованием регулярного выражения c неэффективной вычислительной сложностью, позволяющая нарушителю выполнить атаку типа «отказ в обслуживании» | CVSS3: 7.5 | 0% Низкий | 8 месяцев назад |
 | SUSE-SU-2025:0736-1 Security update for ruby2.5 | 4 месяца назад | ||
| openSUSE-SU-2025:0129-1 Security update for rubygem-rexml | 2 месяца назад |
Уязвимостей на страницу