You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Affected versions of this package are vulnerable to Uncontrolled Resource Consumption ('Resource Exhaustion') via the SAX2 or pull parser API. An attacker can cause the application to consume excessive resources leading to a denial of service by submitting specially crafted XML documents that exploit entity expansions.
The text was updated successfully, but these errors were encountered:
Introduced through
[email protected] and [email protected]
Fixed in
[email protected]
Exploit maturity
Proof of Concept
Show less detail
Detailed paths
Introduced through: project@* › [email protected] › [email protected]
Fix: No remediation path available.
Introduced through: project@* › [email protected] › [email protected] › [email protected]
Fix: No remediation path available.
Security information
Factors contributing to the scoring:
Snyk: CVSS v4.0 6.9 - Medium Severity | CVSS v3.1 5.3 - Medium Severity
NVD: CVSS v3.1 7.5 - High Severity
Why are the scores different? Learn how Snyk evaluates vulnerability scores
Overview
rexml is an An XML toolkit for Ruby.
Affected versions of this package are vulnerable to Uncontrolled Resource Consumption ('Resource Exhaustion') via the SAX2 or pull parser API. An attacker can cause the application to consume excessive resources leading to a denial of service by submitting specially crafted XML documents that exploit entity expansions.
The text was updated successfully, but these errors were encountered: