Ruby Rexml
7 CVEs affecting Ruby Rexml. Latest disclosed: 2025-09-17. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-43398 | Medium | 5.9 | 2024-08-22 | REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS vulnerability when it parses an XML that has many deep elements that have same local nam… |
CVE-2024-41946 | Medium | 5.3 | 2024-08-01 | REXML is an XML toolkit for Ruby. The REXML gem 3.3.2 has a DoS vulnerability when it parses an XML that has many entity expansions with SAX2 or pull parser AP… |
CVE-2024-41123 | Medium | 5.3 | 2024-08-01 | REXML is an XML toolkit for Ruby. The REXML gem before 3.3.2 has some DoS vulnerabilities when it parses an XML that has many specific characters such as white… |
CVE-2024-35176 | Medium | 5.3 | 2024-05-16 | REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a denial of service vulnerability when it parses an XML that has many `<`s in an attribute va… |
CVE-2024-39908 | Medium | 4.3 | 2024-07-16 | REXML is an XML toolkit for Ruby. The REXML gem before 3.3.1 has some DoS vulnerabilities when it parses an XML that has many specific characters such as `<`… |
CVE-2025-58767 | | 2025-09-17 | REXML is an XML toolkit for Ruby. The REXML gems from 3.3.3 to 3.4.1 has a DoS vulnerability when parsing XML containing multiple XML declarations. If you need… | |
CVE-2024-49761 | | 2024-10-28 | REXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReDoS vulnerability when it parses an XML that has many digits between &# and x...; in a hex… |