732 matches found

Oracle linux
added 2024/07/15 12:0 a.m. | 61 views

ruby security update

ruby 2.5.9-112 - Fix ReDoS vulnerability - upstream's incomplete fix for CVE-2023-28755. CVE-2023-36617 Resolves: RHEL-5614 - Fix Buffer overread vulnerability in StringIO. CVE-2024-27280 Resolves: RHEL-34125 - Fix RCE vulnerability with .rdocoptions in RDoc. CVE-2024-27281 Resolves: RHEL-34117 -...

CVSS 9.8 | AI score 7.3 | EPSS 0.02637
Exploits: 1

OSV
added 2024/07/12 11:8 a.m. | 5 views

OESA-2024-1824 ruby security update

Ruby is a fast and easy interpreted scripting language for object-oriented programming. It has many functions for processing text Files and perform system management tasks such as Perl. Security Fixes: REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a denial of service...

CVSS 5.3 | AI score 6.6 | EPSS 0.02064
Exploits: 1 | References: 2

Tenable Nessus
added 2024/07/03 12:0 a.m. | 23 views

CBL Mariner 2.0 Security Update: ruby / rubygem-rexml (CVE-2024-35176)

The version of ruby / rubygem-rexml installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-35176 advisory. - REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a denial of service...

CVSS 5.3 | AI score 7.1 | EPSS 0.02064
Exploits: 1 | References: 2

CBLMariner
added 2024/06/12 10:23 p.m. | 26 views

CVE-2024-35176 affecting package rubygem-rexml for versions less than 3.2.7-1

CVE-2024-35176 affecting package rubygem-rexml for versions less than 3.2.7-1. An upgraded version of the package is available that resolves this issue...

CVSS 5.3 | AI score 5.8 | EPSS 0.02064
Exploits: 1

CBLMariner
added 2024/05/31 6:55 p.m. | 25 views

CVE-2024-35176 affecting package rubygem-rexml for versions less than 3.2.8-1

CVE-2024-35176 affecting package rubygem-rexml for versions less than 3.2.8-1. An upgraded version of the package is available that resolves this issue...

CVSS 5.3 | AI score 7.3 | EPSS 0.02064
Exploits: 1

Veracode
added 2024/05/21 7:21 a.m. | 23 views

Denial Of Service (DoS)

rexml is vulnerable to Denial Of Service DoS. The vulnerability is due to improper parsing of XML with many characters in an attribute value, which allows an attacker to cause Denial of Service...

CVSS 5.3 | AI score 6.2 | EPSS 0.02064
Exploits: 1 | References: 4 | Affected Software: 2

SUSE CVE
added 2024/05/17 2:53 a.m. | 3 views

SUSE CVE-2024-35176

REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a denial of service vulnerability when it parses an XML that has many s in an attribute value. Those who need to parse untrusted XMLs may be impacted to this vulnerability. The REXML gem 3.2.7 or later include the patch to fix this...

CVSS 5.3 | AI score 6.9 | EPSS 0.02064
Exploits: 1 | References: 6

OSV
added 2024/05/16 5:44 p.m. | 31 views

GHSA-VG3R-RM7W-2XGH REXML contains a denial of service vulnerability

Impact The REXML gem before 3.2.6 has a DoS vulnerability when it parses an XML that has many s in an attribute value. If you need to parse untrusted XMLs, you may be impacted to this vulnerability. Patches The REXML gem 3.2.7 or later include the patch to fix this vulnerability. Workarounds Don'...

CVSS 5.3 | AI score 6.6 | EPSS 0.02064
Exploits: 1 | References: 7

Chainguard
added 2024/05/16 5:44 p.m. | 11 views

GHSA-VG3R-RM7W-2XGH vulnerabilities

Vulnerabilities for packages: logstash-output-opensearch, kube-fluentd-operator, ruby, jruby, ruby3.2-rexml...

AI score 5.8
Exploits: 0

GitHub Security Blog
added 2024/05/16 5:44 p.m. | 39 views

REXML contains a denial of service vulnerability

Impact The REXML gem before 3.2.6 has a DoS vulnerability when it parses an XML that has many s in an attribute value. If you need to parse untrusted XMLs, you may be impacted to this vulnerability. Patches The REXML gem 3.2.7 or later include the patch to fix this vulnerability. Workarounds Don'...

CVSS 5.3 | AI score 5.8 | EPSS 0.02064
Exploits: 1 | References: 7 | Affected Software: 1

Wolfi
added 2024/05/16 5:44 p.m. | 109 views

GHSA-VG3R-RM7W-2XGH vulnerabilities

Vulnerabilities for packages: jruby, logstash-output-opensearch, ruby, ruby3.2-rexml, kube-fluentd-operator...

AI score 5.8
Exploits: 0

OSV
added 2024/05/16 4:15 p.m. | 6 views

AZL-42076 CVE-2024-35176 affecting package rubygem-rexml for versions less than 3.2.7-1

REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a denial of service vulnerability when it parses an XML that has many s in an attribute value. Those who need to parse untrusted XMLs may be impacted to this vulnerability. The REXML gem 3.2.7 or later include the patch to fix this...

CVSS 5.3 | AI score 6.4 | EPSS 0.02064
Exploits: 1 | References: 1

OSV
added 2024/05/16 4:15 p.m. | 7 views

AZL-42070 CVE-2024-35176 affecting package ruby for versions less than 3.1.4-6

REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a denial of service vulnerability when it parses an XML that has many s in an attribute value. Those who need to parse untrusted XMLs may be impacted to this vulnerability. The REXML gem 3.2.7 or later include the patch to fix this...

CVSS 5.3 | AI score 6.4 | EPSS 0.02064
Exploits: 1 | References: 1

OSV
added 2024/05/16 4:15 p.m. | 5 views

AZL-42052 CVE-2024-35176 affecting package ruby for versions less than 3.3.3-1

REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a denial of service vulnerability when it parses an XML that has many s in an attribute value. Those who need to parse untrusted XMLs may be impacted to this vulnerability. The REXML gem 3.2.7 or later include the patch to fix this...

CVSS 5.3 | AI score 6.5 | EPSS 0.02064
Exploits: 1 | References: 1

NVD
added 2024/05/16 4:15 p.m. | 17 views

CVE-2024-35176

REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a denial of service vulnerability when it parses an XML that has many s in an attribute value. Those who need to parse untrusted XMLs may be impacted to this vulnerability. The REXML gem 3.2.7 or later include the patch to fix this...

CVSS 5.3 | AI score 5.2 | EPSS 0.02064
Exploits: 1 | References: 5

OSV
added 2024/05/16 4:15 p.m. | 6 views

AZL-42064 CVE-2024-35176 affecting package rubygem-rexml for versions less than 3.2.8-1

REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a denial of service vulnerability when it parses an XML that has many s in an attribute value. Those who need to parse untrusted XMLs may be impacted to this vulnerability. The REXML gem 3.2.7 or later include the patch to fix this...

CVSS 5.3 | AI score 6.4 | EPSS 0.02064
Exploits: 1 | References: 1

Chainguard
added 2024/05/16 4:15 p.m. | 32 views

CVE-2024-35176 vulnerabilities

Vulnerabilities for packages: logstash-output-opensearch, kube-fluentd-operator, ruby, jruby, ruby3.2-rexml...

CVSS 5.3 | AI score 6.6 | EPSS 0.02064
Exploits: 1

Wolfi
added 2024/05/16 4:15 p.m. | 154 views

CVE-2024-35176 vulnerabilities

Vulnerabilities for packages: jruby, logstash-output-opensearch, ruby, ruby3.2-rexml, kube-fluentd-operator...

CVSS 5.3 | AI score 6.6 | EPSS 0.02064
Exploits: 1

OSV
added 2024/05/16 4:15 p.m. | 2 views

UBUNTU-CVE-2024-35176

REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a denial of service vulnerability when it parses an XML that has many s in an attribute value. Those who need to parse untrusted XMLs may be impacted to this vulnerability. The REXML gem 3.2.7 or later include the patch to fix this...

CVSS 5.3 | AI score 6.6 | EPSS 0.02064
Exploits: 1 | References: 8

OSV
added 2024/05/16 3:13 p.m. | 27 views

CVE-2024-35176 REXML contains a denial of service vulnerability

REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a denial of service vulnerability when it parses an XML that has many s in an attribute value. Those who need to parse untrusted XMLs may be impacted to this vulnerability. The REXML gem 3.2.7 or later include the patch to fix this...

CVSS 5.3 | AI score 5.7 | EPSS 0.02064
Exploits: 1 | References: 7