REXML gem has ReDoS vulnerability parsing XML with many digits between hex numeric character reference. Patch included in 3.3.
Reporter | Title | Published | Views | Family All 131 |
---|---|---|---|---|
![]() | RHEL 8 : ruby:2.5 (RHSA-2024:10850) | 6 Dec 202400:00 | – | nessus |
![]() | RHEL 9 : ruby (RHSA-2024:10977) | 12 Dec 202400:00 | – | nessus |
![]() | CBL Mariner 2.0 Security Update: ruby / rubygem-rexml (CVE-2024-49761) | 12 Nov 202400:00 | – | nessus |
![]() | RHEL 8 : ruby:3.1 (RHSA-2024:10966) | 11 Dec 202400:00 | – | nessus |
![]() | RHEL 9 : ruby (RHSA-2024:10858) | 6 Dec 202400:00 | – | nessus |
![]() | RHEL 9 : ruby (RHSA-2024:10964) | 11 Dec 202400:00 | – | nessus |
![]() | RHEL 9 : ruby:3.1 (RHSA-2024:10984) | 12 Dec 202400:00 | – | nessus |
![]() | RHEL 8 : ruby:2.5 (RHSA-2024:11029) | 13 Dec 202400:00 | – | nessus |
![]() | Oracle Linux 9 : ruby (ELSA-2024-10858) | 11 Dec 202400:00 | – | nessus |
![]() | Oracle Linux 9 : ruby:3.1 (ELSA-2024-10860) | 6 Dec 202400:00 | – | nessus |
[
{
"vendor": "ruby",
"product": "rexml",
"versions": [
{
"version": "< 3.3.9",
"status": "affected"
}
]
}
]
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo