2 matches found
UBUNTU-CVE-2024-43398
REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS vulnerability when it parses an XML that has many deep elements that have same local name attributes. If you need to parse untrusted XMLs with tree parser API like REXML::Document.new, you may be impacted to this vulnerability...
libEBML Memory Misreference Vulnerability
libEBML is a C++ library for parsing EBML files maintained by the Matroska team. A memory misreference vulnerability exists in the 'EbmlMaster::Read' function of libEBML when parsing deep nested elements of infinite size, which allows remote attackers to exploit the vulnerability to access freed...