5 matches found
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: pcs (UTSA-2026-005310)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005310 advisory. REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a denial of service vulnerability when it parses an XML that has many s in an attribute value. Those...
Amazon Linux 2023 : ruby3.2, ruby3.2-bundled-gems, ruby3.2-default-gems (ALAS2023-2025-1204)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1204 advisory. REXML is an XML toolkit for Ruby. The REXML gems from 3.3.3 to 3.4.1 has a DoS vulnerability when parsing XML containing multiple XML declarations. If you need to parse untrusted XMLs, you may be...
rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace character, >] and ]>
A vulnerability was found in REXML, an XML toolkit used for Ruby. When parsing an untrusted XML with many specific characters, the REXML gem may take a long time, leading to a denial of service condition. Some of these special characters include the whitespace character, '', and ''...
rexml: REXML ReDoS vulnerability
A flaw was found in the ReXML XML toolkit for Ruby. Parsing XML data containing a large number of digits between & and x...; in a hex numeric character reference &x...; can trigger a regular expression denial of service ReDoS condition, leading to a denial of service...
Ruby REXML < 3.3.9 ReDoS vulnerability
The version of the REXML Ruby library installed on the remote host is prior to 3.3.9. It is, therefore, affected by a ReDoS vulnerability. The vulnerability lies when it parses an XML that has many digits between & and x...; in a hex numeric character reference &x...;. This does not happen with...