5 matches found
Amazon Linux 2023 : ruby3.2, ruby3.2-bundled-gems, ruby3.2-default-gems (ALAS2023-2025-921)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-921 advisory. REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a denial of service vulnerability when it parses an XML that has many . If you need to parse untrusted XMLs, you may be impacte...
EulerOS 2.0 SP9 : ruby (EulerOS-SA-2025-1063)
According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS vulnerability when it parses an XML that has many deep elements that have sam...
Updated ruby packages fix security vulnerabilities
The REXML gem before 3.2.6 has a denial of service vulnerability when it parses an XML that has many . CVE-2024-39908 The REXML gem before 3.3.2 has some DoS vulnerabilities when it parses an XML that has many specific characters such as whitespace character, and . CVE-2024-41123 The REXML gem...
EulerOS 2.0 SP10 : ruby (EulerOS-SA-2024-2914)
According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : REXML is an XML toolkit for Ruby. The REXML gem 3.3.2 has a DoS vulnerability when it parses an XML that has many entity expansions with SAX2 or pull...
PT-2024-6381
Name of the Vulnerable Software and Affected Versions: REXML gem versions prior to 3.3.3. Description: The REXML gem has some DoS vulnerabilities when it parses an XML that has many specific characters, such as whitespace characters, and , or . This vulnerability is related to uncontrolled resource...