Lucene search
+L

17 matches found

Cvelist
Cvelist
added 2026/07/09 9:45 p.m.33 views

CVE-2026-15274 lo48576 fbxcel Node Header parser.rs denial of service

A vulnerability was detected in lo48576 fbxcel up to 0.9.0. This affects an unknown part of the file src/pullparser/v7400/parser.rs of the component Node Header Handler. The manipulation results in denial of service. The attack must be initiated from a local position. The exploit is now public an...

4.8CVSS0.0012EPSS
Exploits0References7
OSV
OSV
added 2026/04/28 8:58 a.m.11 views

CLSA-2026-1777366733 python3: Fix of CVE-2026-1299

CVE-2026-1299: reject newline injection in email module's BytesGenerator when serializing headers - Skip test.testxmletree.XMLPullParserTest.testsimplexml during RPM build; unrelated expat-2.1.0-15.0.7.tuxcare.els1 regression breaks XMLPullParser chunked-feed semantics in TuxCare ELS el7 build...

6CVSS5.8AI score0.0056EPSS
Exploits0References1
OSV
OSV
added 2026/04/27 4:51 p.m.11 views

CLSA-2026-1777308690 python3: Fix of CVE-2026-1299

CVE-2026-1299: reject newline injection in email module's BytesGenerator when serializing headers - Skip test.testxmletree.XMLPullParserTest.testsimplexml during RPM build; unrelated expat-2.1.0-15.0.7.tuxcare.els1 regression breaks XMLPullParser chunked-feed semantics in TuxCare ELS el7 build...

6CVSS7.1AI score0.0056EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-2501

Malicious code in bioql PyPI...

7.5CVSS6.2AI score0.01192EPSS
Exploits0References8
Redos
Redos
added 2024/09/19 12:0 a.m.25 views

ROS-20240918-12

A vulnerability in the Ruby REXML XML toolkit is related to uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service The XML Toolkit for Ruby REXML vulnerability is related to the presence of a DoS vulnerability in X...

7.5CVSS7AI score0.01283EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2024/08/06 2:0 a.m.4 views

SUSE CVE-2024-41946

REXML is an XML toolkit for Ruby. The REXML gem 3.3.2 has a DoS vulnerability when it parses an XML that has many entity expansions with SAX2 or pull parser API. The REXML gem 3.3.3 or later include the patch to fix the vulnerability...

5.3CVSS7.1AI score0.01192EPSS
Exploits0References10
Github Security Blog
Github Security Blog
added 2024/08/02 12:33 p.m.34 views

REXML DoS vulnerability

Impact The REXML gem before 3.3.2 has a DoS vulnerability when it parses an XML that has many entity expansions with SAX2 or pull parser API. If you need to parse untrusted XMLs with SAX2 or pull parser API, you may be impacted to this vulnerability. Patches The REXML gem 3.3.3 or later include t...

7.5CVSS6.7AI score0.01192EPSS
Exploits0References9Affected Software1
OSV
OSV
added 2024/08/02 12:33 p.m.21 views

GHSA-5866-49GR-22V4 REXML DoS vulnerability

Impact The REXML gem before 3.3.2 has a DoS vulnerability when it parses an XML that has many entity expansions with SAX2 or pull parser API. If you need to parse untrusted XMLs with SAX2 or pull parser API, you may be impacted to this vulnerability. Patches The REXML gem 3.3.3 or later include t...

7.5CVSS5.9AI score0.01192EPSS
Exploits0References9
Snyk
Snyk
added 2024/08/01 2:42 p.m.1 views

Uncontrolled Resource Consumption ('Resource Exhaustion')

Overview rexml is an An XML toolkit for Ruby. Affected versions of this package are vulnerable to Uncontrolled Resource Consumption 'Resource Exhaustion' via the SAX2 or pull parser API. An attacker can cause the application to consume excessive resources leading to a denial of service by...

7.5CVSS6.9AI score0.01192EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/08/01 2:22 p.m.22 views

CVE-2024-41946 REXML DoS vulnerability

REXML is an XML toolkit for Ruby. The REXML gem 3.3.2 has a DoS vulnerability when it parses an XML that has many entity expansions with SAX2 or pull parser API. The REXML gem 3.3.3 or later include the patch to fix the vulnerability...

5.3CVSS6.9AI score0.01192EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/08/01 2:22 p.m.30 views

CVE-2024-41946 REXML DoS vulnerability

REXML is an XML toolkit for Ruby. The REXML gem 3.3.2 has a DoS vulnerability when it parses an XML that has many entity expansions with SAX2 or pull parser API. The REXML gem 3.3.3 or later include the patch to fix the vulnerability...

5.3CVSS0.01192EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2024/08/01 2:22 p.m.22 views

CVE-2024-41946

REXML is an XML toolkit for Ruby. The REXML gem 3.3.2 has a DoS vulnerability when it parses an XML that has many entity expansions with SAX2 or pull parser API. The REXML gem 3.3.3 or later include the patch to fix the vulnerability...

7.5CVSS5.4AI score0.01192EPSS
Exploits0
OSV
OSV
added 2024/08/01 2:22 p.m.16 views

CVE-2024-41946 REXML DoS vulnerability

REXML is an XML toolkit for Ruby. The REXML gem 3.3.2 has a DoS vulnerability when it parses an XML that has many entity expansions with SAX2 or pull parser API. The REXML gem 3.3.3 or later include the patch to fix the vulnerability...

5.3CVSS6.4AI score0.01192EPSS
Exploits0References8
CVE
CVE
added 2024/08/01 2:22 p.m.359 views

CVE-2024-41946

CVE-2024-41946 is a Denial of Service (DoS) vulnerability in the Ruby REXML XML toolkit. It affects the REXML gem when parsing XML that contains many entity expansions using SAX2 or the pull parser API. The issue is fixed in REXML gem version 3.3.3 and later; older releases (notably 3.3.2) are vu...

7.5CVSS5.4AI score0.01192EPSS
Exploits0References6Affected Software1
RubySec
RubySec
added 2024/08/01 12:0 a.m.19 views

DoS vulnerabilities in REXML

There is a DoS vulnerability in REXML gem. This vulnerability has been assigned the CVE identifier CVE-2024-41946. We strongly recommend upgrading the REXML gem. Details When parsing an XML that has many entity expansions with SAX2 or pull parser API, REXML gem may take long time. Please update...

7.5CVSS5.4AI score0.01192EPSS
Exploits0References1Affected Software1
OpenVAS
OpenVAS
added 2024/06/07 12:0 a.m.13 views

Fedora: Security Advisory for rust-pulldown-cmark (FEDORA-2024-40ee18b2e7)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Fedora
Fedora
added 2021/08/16 1:18 a.m.27 views

[SECURITY] Fedora 34 Update: rust-pulldown-cmark-0.8.0-4.fc34

Pull parser for CommonMark...

9.8CVSS3.2AI score0.01923EPSS
Exploits0
Rows per page
Query Builder