22 matches found
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: pcs (UTSA-2026-005318)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005318 advisory. REXML is an XML toolkit for Ruby. The REXML gem before 3.3.2 has some DoS vulnerabilities when it parses an XML that has many specific characters such as whitespace...
SUSE CVE-2025-58767
REXML is an XML toolkit for Ruby. The REXML gems from 3.3.3 to 3.4.1 has a DoS vulnerability when parsing XML containing multiple XML declarations. If you need to parse untrusted XMLs, you may be impacted to these vulnerabilities. The REXML gem 3.4.2 or later include the patches to fix these...
Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
Overview rexml is an An XML toolkit for Ruby. Affected versions of this package are vulnerable to Improper Restriction of Recursive Entity References in DTDs 'XML Entity Expansion' due to parsing XML. An attacker can cause excessive resource consumption and disrupt service availability by...
CVE-2025-58767 REXML has a DoS condition when parsing malformed XML file
REXML is an XML toolkit for Ruby. The REXML gems from 3.3.3 to 3.4.1 has a DoS vulnerability when parsing XML containing multiple XML declarations. If you need to parse untrusted XMLs, you may be impacted to these vulnerabilities. The REXML gem 3.4.2 or later include the patches to fix these...
CVE-2025-58767
REXML is an XML toolkit for Ruby. The REXML gems from 3.3.3 to 3.4.1 has a DoS vulnerability when parsing XML containing multiple XML declarations. If you need to parse untrusted XMLs, you may be impacted to these vulnerabilities. The REXML gem 3.4.2 or later include the patches to fix these...
rexml: REXML ReDoS vulnerability
A flaw was found in the ReXML XML toolkit for Ruby. Parsing XML data containing a large number of digits between & and x...; in a hex numeric character reference &x...; can trigger a regular expression denial of service ReDoS condition, leading to a denial of service...
rexml: REXML ReDoS vulnerability
A flaw was found in the ReXML XML toolkit for Ruby. Parsing XML data containing a large number of digits between & and x...; in a hex numeric character reference &x...; can trigger a regular expression denial of service ReDoS condition, leading to a denial of service...
rexml: REXML ReDoS vulnerability
A flaw was found in the ReXML XML toolkit for Ruby. Parsing XML data containing a large number of digits between & and x...; in a hex numeric character reference &x...; can trigger a regular expression denial of service ReDoS condition, leading to a denial of service...
rexml: REXML ReDoS vulnerability
A flaw was found in the ReXML XML toolkit for Ruby. Parsing XML data containing a large number of digits between & and x...; in a hex numeric character reference &x...; can trigger a regular expression denial of service ReDoS condition, leading to a denial of service...
The vulnerability of the XML tools for Ruby REXML arises from the use of a regular expression c, which has an inefficient computational cost. This allows attackers to perform a type of “denial-of-service” attack.
The vulnerability of the XML tools for Ruby REXML relates to the use of a regular expression with high computational complexity. Exploiting this vulnerability allows an attacker to perform a type of “denial-of-service” attack remotely...
UBUNTU-CVE-2024-43398
REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS vulnerability when it parses an XML that has many deep elements that have same local name attributes. If you need to parse untrusted XMLs with tree parser API like REXML::Document.new, you may be impacted to this vulnerability...
REXML 安全漏洞
REXML is a Ruby open source XML toolkit for Ruby. A security vulnerability exists in REXML versions prior to 3.3.6, which stems from a denial of service DoS vulnerability when parsing deep XML containing many attributes with the same local name...
ALPINE-CVE-2024-41946
REXML is an XML toolkit for Ruby. The REXML gem 3.3.2 has a DoS vulnerability when it parses an XML that has many entity expansions with SAX2 or pull parser API. The REXML gem 3.3.3 or later include the patch to fix the vulnerability...
ALPINE-CVE-2024-41123
REXML is an XML toolkit for Ruby. The REXML gem before 3.3.2 has some DoS vulnerabilities when it parses an XML that has many specific characters such as whitespace character, and . The REXML gem 3.3.3 or later include the patches to fix these vulnerabilities...
Denial of Service (DoS)
Overview rexml is an An XML toolkit for Ruby. Affected versions of this package are vulnerable to Denial of Service DoS via the REXML gem, when parsing an XML document that has many specific characters such as whitespace character, and . Details Denial of Service DoS describes a family of attacks...
REXML 安全漏洞
REXML is a Ruby open source XML toolkit for Ruby. A security vulnerability exists in REXML versions prior to 3.3.2, which stems from a number of DoS vulnerabilities when parsing XML containing many special characters...
REXML 安全漏洞
REXML is a Ruby open source XML toolkit for Ruby. A security vulnerability exists in REXML versions prior to 3.3.3, which stems from a DoS vulnerability when parsing XML with many entity extensions...
SUSE CVE-2024-39908
REXML is an XML toolkit for Ruby. The REXML gem before 3.3.1 has some DoS vulnerabilities when it parses an XML that has many specific characters such as . If you need to parse untrusted XMLs, you many be impacted to these vulnerabilities. The REXML gem 3.3.2 or later include the patches to fix...
AZL-45429 CVE-2024-39908 affecting package rubygem-rexml for versions less than 3.2.7-4
REXML is an XML toolkit for Ruby. The REXML gem before 3.3.1 has some DoS vulnerabilities when it parses an XML that has many specific characters such as . If you need to parse untrusted XMLs, you many be impacted to these vulnerabilities. The REXML gem 3.3.2 or later include the patches to fix...
UBUNTU-CVE-2024-39908
REXML is an XML toolkit for Ruby. The REXML gem before 3.3.1 has some DoS vulnerabilities when it parses an XML that has many specific characters such as . If you need to parse untrusted XMLs, you many be impacted to these vulnerabilities. The REXML gem 3.3.2 or later include the patches to fix...