9 matches found
Astra Linux - уязвимость в ruby2.5
REXML is an XML toolkit for Ruby. The REXML gem before version 3.3.6 has a DoS vulnerability when it parses XMLs that contain many elements with the same local name attribute. If you need to parse untrusted XMLs using tree parser APIs like REXML::Document.new, you may be vulnerable to this...
MAL-2025-176030 Malicious code in mibadsdadh-natufa-munfsa (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 42ffa48b5236d1d4328f6501d8705f9061ecf33db8006e09b1ba292fb1fd9d85 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-141353 Malicious code in csv-pulsar-epimetheus-telesto (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 34e11fb22440796e42a2a2d5782333373007b60a5795efe3498f6856ceaeaffa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in tuti-rojak81-breki (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 64298c025a58e65903d1cea94b2165cfcb8febb9189403235dc90e2d7026e621 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
rexml: DoS vulnerability in REXML
A vulnerability was found in REXML RubyGems. This package is vulnerable to denial of service DoS when parsing a deep XML structure with the same local name attribute. This vulnerability only affects tree parser API like REXML::Document.new, other parser APIs such as stream parser API and SAX2...
rexml: DoS vulnerability in REXML
A vulnerability was found in REXML RubyGems. This package is vulnerable to denial of service DoS when parsing a deep XML structure with the same local name attribute. This vulnerability only affects tree parser API like REXML::Document.new, other parser APIs such as stream parser API and SAX2...
rexml: DoS vulnerability in REXML
A vulnerability was found in REXML RubyGems. This package is vulnerable to denial of service DoS when parsing a deep XML structure with the same local name attribute. This vulnerability only affects tree parser API like REXML::Document.new, other parser APIs such as stream parser API and SAX2...
SUSE CVE-2024-43398
REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS vulnerability when it parses an XML that has many deep elements that have same local name attributes. If you need to parse untrusted XMLs with tree parser API like REXML::Document.new, you may be impacted to this vulnerability...
The ugidd RPC interface by design allows remote attackers to enumerate valid usernames by specifying arbitrary UIDs that ugidd maps to local user and group names.
...