Lucene search
+L

49 matches found

Prion
Prion
added 2014/11/03 4:55 p.m.32 views

Design/Logic Flaw

The REXML parser in Ruby 1.9.x before 1.9.3-p550, 2.0.x before 2.0.0-p594, and 2.1.x before 2.1.4 allows remote attackers to cause a denial of service memory consumption via a crafted XML document, aka an XML Entity Expansion XEE attack...

5CVSS6.5AI score0.05538EPSS
Exploits1References20Affected Software4
Cvelist
Cvelist
added 2014/11/03 4:0 p.m.43 views

CVE-2014-8080

The REXML parser in Ruby 1.9.x before 1.9.3-p550, 2.0.x before 2.0.0-p594, and 2.1.x before 2.1.4 allows remote attackers to cause a denial of service memory consumption via a crafted XML document, aka an XML Entity Expansion XEE attack...

5.5AI score0.05538EPSS
Exploits1References20
CVE
CVE
added 2014/11/03 4:0 p.m.143 views

CVE-2014-8080

CVE-2014-8080 affects the REXML XML parser in Ruby 1.9.x before 1.9.3-p550, 2.0.x before 2.0.0-p594, and 2.1.x before 2.1.4, where specially crafted XML can cause a denial of service via XML Entity Expansion (XEE). Affected Ruby versions are vulnerable to memory (and CPU) exhaustion. Remediation ...

5CVSS5.5AI score0.05538EPSS
Exploits1References20Affected Software1
EUVD
EUVD
added 2014/11/03 4:0 p.m.4 views

EUVD-2014-7929

The REXML parser in Ruby 1.9.x before 1.9.3-p550, 2.0.x before 2.0.0-p594, and 2.1.x before 2.1.4 allows remote attackers to cause a denial of service memory consumption via a crafted XML document, aka an XML Entity Expansion XEE attack...

5CVSS6.7AI score0.05538EPSS
Exploits1References31
UbuntuCve
UbuntuCve
added 2014/10/29 12:0 a.m.30 views

CVE-2014-8080

The REXML parser in Ruby 1.9.x before 1.9.3-p550, 2.0.x before 2.0.0-p594, and 2.1.x before 2.1.4 allows remote attackers to cause a denial of service memory consumption via a crafted XML document, aka an XML Entity Expansion XEE attack...

5CVSS6.8AI score0.05538EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2013/09/04 12:0 a.m.39 views

Amazon Linux AMI : ruby19 (ALAS-2013-195)

lib/rexml/text.rb in the REXML parser in Ruby before 1.9.3-p392 allows remote attackers to cause a denial of service memory consumption and crash via crafted text nodes in an XML document, aka an XML Entity Expansion XEE attack. C Tenable Network Security, Inc. The descriptive text and package...

5CVSS8.1AI score0.06671EPSS
Exploits0References2
Cvelist
Cvelist
added 2013/04/09 9:0 p.m.36 views

CVE-2013-1821

lib/rexml/text.rb in the REXML parser in Ruby before 1.9.3-p392 allows remote attackers to cause a denial of service memory consumption and crash via crafted text nodes in an XML document, aka an XML Entity Expansion XEE attack...

5.5AI score0.06671EPSS
Exploits0References23
CVE
CVE
added 2013/04/09 9:0 p.m.143 views

CVE-2013-1821

CVE-2013-1821 is an XML Entity Expansion (XEE) denial-of-service vulnerability in the REXML parser of Ruby. The provided sources confirm affected Ruby/REXML configurations across multiple lines: Ruby before 1.9.3-p392 (initial description) and extended references indicate the issue affects 1.9.x ...

5CVSS5.4AI score0.06671EPSS
Exploits0References23Affected Software1
UbuntuCve
UbuntuCve
added 2013/03/07 12:0 a.m.34 views

CVE-2013-1821

lib/rexml/text.rb in the REXML parser in Ruby before 1.9.3-p392 allows remote attackers to cause a denial of service memory consumption and crash via crafted text nodes in an XML document, aka an XML Entity Expansion XEE attack...

5CVSS7.2AI score0.06671EPSS
Exploits0References3
Rows per page
Query Builder