732 matches found
ruby security update
ruby 2.5.9-112 - Fix ReDoS vulnerability - upstream's incomplete fix for CVE-2023-28755. CVE-2023-36617 Resolves: RHEL-5614 - Fix Buffer overread vulnerability in StringIO. CVE-2024-27280 Resolves: RHEL-34125 - Fix RCE vulnerability with .rdocoptions in RDoc. CVE-2024-27281 Resolves: RHEL-34117 -...
OESA-2024-1824 ruby security update
Ruby is a fast and easy interpreted scripting language for object-oriented programming. It has many functions for processing text files and performing system management tasks, as in Perl. Security Fixes: REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a denial of service...
CBL Mariner 2.0 Security Update: ruby / rubygem-rexml (CVE-2024-35176)
The version of ruby / rubygem-rexml installed on the remote CBL Mariner 2.0 host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-35176 advisory. - REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a denial of service...
CVE-2024-35176 affecting package rubygem-rexml for versions less than 3.2.7-1
CVE-2024-35176 affecting package rubygem-rexml for versions less than 3.2.7-1. An upgraded version of the package is available that resolves this issue...
CVE-2024-35176 affecting package rubygem-rexml for versions less than 3.2.8-1
CVE-2024-35176 affecting package rubygem-rexml for versions less than 3.2.8-1. An upgraded version of the package is available that resolves this issue...
Denial Of Service (DoS)
rexml is vulnerable to Denial of Service (DoS). The vulnerability is due to improper parsing of XML with many < characters in an attribute value, which allows an attacker to cause Denial of Service...
SUSE CVE-2024-35176
REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a denial of service vulnerability when it parses an XML that has many < characters in an attribute value. Those who need to parse untrusted XMLs may be impacted by this vulnerability. The REXML gem 3.2.7 or later includes the patch to fix this...
GHSA-VG3R-RM7W-2XGH REXML contains a denial of service vulnerability
Impact: The REXML gem before 3.2.6 has a DoS vulnerability when it parses an XML that has many < characters in an attribute value. If you need to parse untrusted XMLs, you may be impacted by this vulnerability. Patches: The REXML gem 3.2.7 or later includes the patch to fix this vulnerability. Workarounds: Don'...
GHSA-VG3R-RM7W-2XGH vulnerabilities
Vulnerabilities for packages: logstash-output-opensearch, kube-fluentd-operator, ruby, jruby, ruby3.2-rexml...
REXML contains a denial of service vulnerability
Impact: The REXML gem before 3.2.6 has a DoS vulnerability when it parses an XML that has many < characters in an attribute value. If you need to parse untrusted XMLs, you may be impacted by this vulnerability. Patches: The REXML gem 3.2.7 or later includes the patch to fix this vulnerability. Workarounds: Don'...
GHSA-VG3R-RM7W-2XGH vulnerabilities
Vulnerabilities for packages: jruby, logstash-output-opensearch, ruby, ruby3.2-rexml, kube-fluentd-operator...
AZL-42076 CVE-2024-35176 affecting package rubygem-rexml for versions less than 3.2.7-1
REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a denial of service vulnerability when it parses an XML that has many < characters in an attribute value. Those who need to parse untrusted XMLs may be impacted by this vulnerability. The REXML gem 3.2.7 or later includes the patch to fix this...
AZL-42070 CVE-2024-35176 affecting package ruby for versions less than 3.1.4-6
REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a denial of service vulnerability when it parses an XML that has many < characters in an attribute value. Those who need to parse untrusted XMLs may be impacted by this vulnerability. The REXML gem 3.2.7 or later includes the patch to fix this...
AZL-42052 CVE-2024-35176 affecting package ruby for versions less than 3.3.3-1
REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a denial of service vulnerability when it parses an XML that has many < characters in an attribute value. Those who need to parse untrusted XMLs may be impacted by this vulnerability. The REXML gem 3.2.7 or later includes the patch to fix this...
CVE-2024-35176
REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a denial of service vulnerability when it parses an XML that has many < characters in an attribute value. Those who need to parse untrusted XMLs may be impacted by this vulnerability. The REXML gem 3.2.7 or later includes the patch to fix this...
AZL-42064 CVE-2024-35176 affecting package rubygem-rexml for versions less than 3.2.8-1
REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a denial of service vulnerability when it parses an XML that has many < characters in an attribute value. Those who need to parse untrusted XMLs may be impacted by this vulnerability. The REXML gem 3.2.7 or later includes the patch to fix this...
CVE-2024-35176 vulnerabilities
Vulnerabilities for packages: logstash-output-opensearch, kube-fluentd-operator, ruby, jruby, ruby3.2-rexml...
CVE-2024-35176 vulnerabilities
Vulnerabilities for packages: jruby, logstash-output-opensearch, ruby, ruby3.2-rexml, kube-fluentd-operator...
UBUNTU-CVE-2024-35176
REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a denial of service vulnerability when it parses an XML that has many < characters in an attribute value. Those who need to parse untrusted XMLs may be impacted by this vulnerability. The REXML gem 3.2.7 or later includes the patch to fix this...
CVE-2024-35176 REXML contains a denial of service vulnerability
REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a denial of service vulnerability when it parses an XML that has many < characters in an attribute value. Those who need to parse untrusted XMLs may be impacted by this vulnerability. The REXML gem 3.2.7 or later includes the patch to fix this...