CVE-2026-40069

BSV Ruby SDK is the Ruby SDK for the BSV blockchain. From 0.1.0 to before 0.8.2, BSV::Network::ARC's failure detection only recognises REJECTED and DOUBLESPENDATTEMPTED. ARC responses with txStatus values of INVALID, MALFORMED, MINEDINSTALEBLOCK, or any ORPHAN-containing extraInfo / txStatus are...

MCP Ruby SDK 安全漏洞

MCP Ruby SDK is an open-source development toolkit for building and interacting with Model Context Protocol clients. Versions of the MCP Ruby SDK prior to 0.9.2 contained security vulnerabilities. These vulnerabilities stemmed from issues with the streamablehttptransport.rb implementation, which...

Ruby SAML 数据伪造问题漏洞

Ruby SAML is a SAML-Toolkits open source implementation of a SAML authorization client. Ruby SAML 1.12.4 and prior versions suffer from a Data Forgery Issue vulnerability that stems from a flaw in the libxml2 normalization process that could lead to authentication bypass...

rexml: REXML ReDoS vulnerability

A flaw was found in the ReXML XML toolkit for Ruby. Parsing XML data containing a large number of digits between & and x...; in a hex numeric character reference &x...; can trigger a regular expression denial of service ReDoS condition, leading to a denial of service...

EUVD-2024-2644

Malicious code in bioql PyPI...

CVE-2025-58767

REXML is an XML toolkit for Ruby. The REXML gems from 3.3.3 to 3.4.1 has a DoS vulnerability when parsing XML containing multiple XML declarations. If you need to parse untrusted XMLs, you may be impacted to these vulnerabilities. The REXML gem 3.4.2 or later include the patches to fix these...

CVE-2025-58767 REXML has a DoS condition when parsing malformed XML file

REXML is an XML toolkit for Ruby. The REXML gems from 3.3.3 to 3.4.1 has a DoS vulnerability when parsing XML containing multiple XML declarations. If you need to parse untrusted XMLs, you may be impacted to these vulnerabilities. The REXML gem 3.4.2 or later include the patches to fix these...

Linux Distros Unpatched Vulnerability : CVE-2022-31072

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Octokit is a Ruby toolkit for the GitHub API. Versions 4.23.0 and 4.24.0 of the octokit gem were published containing world-writeable files. Specifically, the g...

rexml: REXML ReDoS vulnerability

A flaw was found in the ReXML XML toolkit for Ruby. Parsing XML data containing a large number of digits between & and x...; in a hex numeric character reference &x...; can trigger a regular expression denial of service ReDoS condition, leading to a denial of service...

K000151742: REXML vulnerability CVE-2024-43398

Security Advisory Description REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS vulnerability when it parses an XML that has many deep elements that have same local name attributes. If you need to parse untrusted XMLs with tree parser API like REXML::Document.new, you may be...

Octokit 安全漏洞

Octokit is a Ruby toolkit for the GitHub API. A security vulnerability exists in Octokit version 1.0.0 through versions prior to 9.2.1, which stems from the unrestricted nature of the regular expression matching behavior, and could lead to catastrophic backtracking when processing ad-hoc input,...

Octokit 安全漏洞

Octokit is a Ruby toolkit for the GitHub API. A security vulnerability exists in Octokit version 9.0.5 through versions prior to 10.1.3, which stems from a regular expression denial of service ReDoS attack that can be caused by crafting a specific options parameter...

Octokit 安全漏洞

Octokit is a Ruby toolkit for the GitHub API. A security vulnerability exists in Octokit version 1.0.0 through versions prior to 6.1.7, which stems from a Regular Expression Denial of Service ReDoS vulnerability in the processing of HTTP request headers, which can be exploited by an attacker to...

rexml: REXML ReDoS vulnerability

A flaw was found in the ReXML XML toolkit for Ruby. Parsing XML data containing a large number of digits between & and x...; in a hex numeric character reference &x...; can trigger a regular expression denial of service ReDoS condition, leading to a denial of service...

SUSE CVE-2024-41123

REXML is an XML toolkit for Ruby. The REXML gem before 3.3.2 has some DoS vulnerabilities when it parses an XML that has many specific characters such as whitespace character, and . The REXML gem 3.3.3 or later include the patches to fix these vulnerabilities...

DEBIAN-CVE-2024-41946

REXML is an XML toolkit for Ruby. The REXML gem 3.3.2 has a DoS vulnerability when it parses an XML that has many entity expansions with SAX2 or pull parser API. The REXML gem 3.3.3 or later include the patch to fix the vulnerability...

PT-2024-6376

Name of the Vulnerable Software and Affected Versions REXML versions prior to 3.3.3 Description The issue is related to an uncontrolled resource consumption in the REXML XML toolkit for Ruby. When REXML parses an XML with many entity expansions using the SAX2 or pull parser API, it can lead to a...

CVE-2022-31072

Octokit is a Ruby toolkit for the GitHub API. Versions 4.23.0 and 4.24.0 of the octokit gem were published containing world-writeable files. Specifically, the gem was packed with files having their permissions set to -rw-rw-rw- i.e. 0666 instead of rw-r--r-- i.e. 0644. This means everyone who is...