CVE-2024-43398

REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS vulnerability when it parses an XML that has many deep elements that have same local name attributes. If you need to parse untrusted XMLs with tree parser API like REXML::Document.new, you may be impacted to this vulnerability...

CVE-2024-43398 REXML denial of service vulnerability

REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS vulnerability when it parses an XML that has many deep elements that have same local name attributes. If you need to parse untrusted XMLs with tree parser API like REXML::Document.new, you may be impacted to this vulnerability...

CVE-2024-43398 REXML denial of service vulnerability

REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS vulnerability when it parses an XML that has many deep elements that have same local name attributes. If you need to parse untrusted XMLs with tree parser API like REXML::Document.new, you may be impacted to this vulnerability...

CVE-2024-43398 REXML denial of service vulnerability

REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS vulnerability when it parses an XML that has many deep elements that have same local name attributes. If you need to parse untrusted XMLs with tree parser API like REXML::Document.new, you may be impacted to this vulnerability...

CVE-2024-43398

REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS vulnerability when it parses an XML that has many deep elements that have same local name attributes. If you need to parse untrusted XMLs with tree parser API like REXML::Document.new, you may be impacted to this vulnerability...

CBL Mariner 2.0 Security Update: ruby (CVE-2024-27281)

The version of ruby installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27281 advisory. - An issue was discovered in RDoc 6.3.3 through 6.6.2, as distributed in Ruby 3.x through 3.3.0. When parsing...

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2024-2250)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2024-2226)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.11.0 : ruby (EulerOS-SA-2024-2199)

According to the versions of the ruby packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files...

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2024-2199)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP12 : ruby (EulerOS-SA-2024-2250)

According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do syst...

EulerOS 2.0 SP12 : ruby (EulerOS-SA-2024-2226)

According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do syst...

fugit 安全漏洞

fugit is a floraison open source time tool for Ruby, rufus-scheduler and flor. A security vulnerability exists in versions of fugit prior to 1.11.1, which stems from improper user input length checking, and may result in a thread being occupied for an extended period of time without being able to...

Bundler: Multiple Vulnerabilities

Background Bundler provides a consistent environment for Ruby projects by tracking and installing the exact gems and versions that are needed. Description Multiple vulnerabilities have been discovered in Bundler. Please review the CVE identifiers referenced below for details. Impact Please review...

Fedora: Security Advisory (FEDORA-2024-93575091aa)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-41123

A vulnerability was found in REXML, an XML toolkit used for Ruby. When parsing an untrusted XML with many specific characters, the REXML gem may take a long time, leading to a denial of service condition. Some of these special characters include the whitespace character, '', and ''. Mitigation...

GHSA-5866-49GR-22V4 vulnerabilities

Vulnerabilities for packages: ruby, jruby, kube-fluentd-operator...

OESA-2024-1938 ruby security update

Ruby is a fast and easy interpreted scripting language for object-oriented programming. It has many functions for processing text Files and perform system management tasks such as Perl. Security Fixes: Rubygems.org is the Ruby community's gem hosting service. A Gem publisher can cause a Remote Do...

GHSA-R55C-59QM-VJW6 vulnerabilities

Vulnerabilities for packages: ruby, jruby, kube-fluentd-operator...

CVE-2024-41946 vulnerabilities

Vulnerabilities for packages: ruby, jruby, kube-fluentd-operator...