4 matches found
rexml: REXML ReDoS vulnerability
A flaw was found in the ReXML XML toolkit for Ruby. Parsing XML data containing a large number of digits between & and x...; in a hex numeric character reference &x...; can trigger a regular expression denial of service ReDoS condition, leading to a denial of service...
rexml: REXML ReDoS vulnerability
A flaw was found in the ReXML XML toolkit for Ruby. Parsing XML data containing a large number of digits between & and x...; in a hex numeric character reference &x...; can trigger a regular expression denial of service ReDoS condition, leading to a denial of service...
rexml: REXML ReDoS vulnerability
A flaw was found in the ReXML XML toolkit for Ruby. Parsing XML data containing a large number of digits between & and x...; in a hex numeric character reference &x...; can trigger a regular expression denial of service ReDoS condition, leading to a denial of service...
Internet Bug Bounty: CVE-2024-49761: ReDoS vulnerability in REXML
CVE-2024-49761 was a ReDoS vulnerability in the REXML gem. The vulnerability was caused by the parsing of XML input with many digits between "&" and "x...;" in a hex numeric character reference. This issue was resolved by updating the REXML gem to version 3.3.9 or later...