Lucene search
Ubuntu.comUB:CVE-2013-1821HistoryMar 07, 2013 - 12:00 a.m.
CVE-2013-1821
2013-03-0700:00:00
ubuntu.com
ubuntu.com
13
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.236 Low
EPSS
Percentile
96.5%
lib/rexml/text.rb in the REXML parser in Ruby before 1.9.3-p392 allows
remote attackers to cause a denial of service (memory consumption and
crash) via crafted text nodes in an XML document, aka an XML Entity
Expansion (XEE) attack.
Bugs
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 10.04 | noarch | ruby1.8 | < 1.8.7.249-2ubuntu0.3 | UNKNOWN |
| ubuntu | 11.10 | noarch | ruby1.8 | < 1.8.7.352-2ubuntu0.3 | UNKNOWN |
| ubuntu | 12.04 | noarch | ruby1.8 | < 1.8.7.352-2ubuntu1.2 | UNKNOWN |
| ubuntu | 12.10 | noarch | ruby1.8 | < 1.8.7.358-4ubuntu0.2 | UNKNOWN |
| ubuntu | 12.04 | noarch | ruby1.9.1 | < 1.9.3.0-1ubuntu2.6 | UNKNOWN |
| ubuntu | 12.10 | noarch | ruby1.9.1 | < 1.9.3.194-1ubuntu1.4 | UNKNOWN |
| ubuntu | 13.04 | noarch | ruby1.9.1 | < 1.9.3.194-8.1ubuntu1 | UNKNOWN |
| ubuntu | 13.10 | noarch | ruby1.9.1 | < 1.9.3.194-8.1ubuntu1 | UNKNOWN |
Related
github
github
Ruby vulnerable to denial of service
2022-05-17 03:23:26
cve
cve
CVE-2013-1821
2013-04-09 21:55:00
CVE-2014-8090
2014-11-21 15:59:00
openvas
openvas
RedHat Update for ruby RHSA-2013:0611-01
2013-03-08 00:00:00
CentOS Update for ruby CESA-2013:0611 centos5
2013-03-12 00:00:00
Ubuntu Update for ruby1.8 USN-1780-1
2013-03-28 00:00:00
amazon
amazon
Medium: ruby19
2013-05-24 13:57:00
Medium: ruby
2013-03-14 22:04:00
osv
osv
Ruby vulnerable to denial of service
2022-05-17 03:23:26
ruby1.9.1 - several
2013-08-18 00:00:00
ruby1.8 - several
2013-12-04 00:00:00
nessus
nessus
Ubuntu 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : ruby1.8, ruby1.9.1 vulnerability (USN-1780-1)
2013-03-26 00:00:00
SuSE 11.3 Security Update : Ruby (SAT Patch Number 9136)
2014-05-21 00:00:00
Scientific Linux Security Update : ruby on SL5.x i386/x86_64 (20130307)
2013-03-08 00:00:00
centos
centos
ruby security update
2013-03-08 00:25:53
ruby security update
2013-03-09 00:47:26
oraclelinux
oraclelinux
ruby security update
2013-03-07 00:00:00
ruby security update
2013-03-07 00:00:00
ubuntu
ubuntu
Ruby vulnerability
2013-03-25 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:59:34
prion
prion
Design/Logic Flaw
2013-04-09 21:55:00
Design/Logic Flaw
2014-11-21 15:59:00
redhat
redhat
(RHSA-2013:0611) Moderate: ruby security update
2013-03-07 00:00:00
(RHSA-2013:0612) Moderate: ruby security update
2013-03-07 00:00:00
(RHSA-2013:1185) Important: Red Hat JBoss Fuse 6.0.0 patch 2
2013-08-29 00:00:00
rubygems
rubygems
CVE-2013-1821 ruby: entity expansion DoS vulnerability in REXML
2013-02-21 20:00:00
CVE-2014-8090 ruby: REXML incomplete fix for CVE-2014-8080
2014-11-12 21:00:00
debian
debian
[SECURITY] [DSA 2738-1] ruby1.9.1 security update
2013-08-18 16:58:53
[SECURITY] [DSA 2809-1] ruby1.8 security update
2013-12-04 21:28:11
[SECURITY] [DSA 2809-1] ruby1.8 security update
2013-12-04 21:28:11
slackware
slackware
ruby
2013-03-16 01:11:53
ubuntucve
ubuntucve
CVE-2014-8090
2014-11-14 00:00:00
gentoo
gentoo
Ruby: Denial of service
2014-12-13 00:00:00
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.236 Low
EPSS
Percentile
96.5%
Related for UB:CVE-2013-1821