Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2026/02/10 12:0 a.m.5 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: pcs (UTSA-2026-005310)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005310 advisory. REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a denial of service vulnerability when it parses an XML that has many s in an attribute value. Those...

5.3CVSS8AI score0.02064EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/09/30 12:0 a.m.7 views

Amazon Linux 2023 : ruby3.2, ruby3.2-bundled-gems, ruby3.2-default-gems (ALAS2023-2025-1204)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1204 advisory. REXML is an XML toolkit for Ruby. The REXML gems from 3.3.3 to 3.4.1 has a DoS vulnerability when parsing XML containing multiple XML declarations. If you need to parse untrusted XMLs, you may be...

5.3CVSS6.9AI score0.00231EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2025/04/23 10:34 a.m.2 views

rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace character, >] and ]>

A vulnerability was found in REXML, an XML toolkit used for Ruby. When parsing an untrusted XML with many specific characters, the REXML gem may take a long time, leading to a denial of service condition. Some of these special characters include the whitespace character, '', and ''...

7.5CVSS7.3AI score0.01283EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2024/12/11 4:49 p.m.5 views

rexml: REXML ReDoS vulnerability

A flaw was found in the ReXML XML toolkit for Ruby. Parsing XML data containing a large number of digits between & and x...; in a hex numeric character reference &x...; can trigger a regular expression denial of service ReDoS condition, leading to a denial of service...

8.7CVSS7.3AI score0.01429EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2024/11/01 12:0 a.m.12 views

Ruby REXML < 3.3.9 ReDoS vulnerability

The version of the REXML Ruby library installed on the remote host is prior to 3.3.9. It is, therefore, affected by a ReDoS vulnerability. The vulnerability lies when it parses an XML that has many digits between & and x...; in a hex numeric character reference &x...;. This does not happen with...

8.7CVSS6.8AI score0.01429EPSS
Exploits0References2
Rows per page
Query Builder