« List of all CVEs

CVE-2013-1821

Published: 4/9/2013 Last updated: 8/6/2024 Reserved: 2/19/2013

lib/rexml/text.rb in the REXML parser in Ruby before 1.9.3-p392 allows remote attackers to cause a denial of service (memory consumption and crash) via crafted text nodes in an XML document, aka an XML Entity Expansion (XEE) attack.

CNA assigner: redhat (53f830b8-0a3f-465b-8143-3b8a9948e749) Requested by: n/a

Opam packages affected (1)

conf-ruby

Products affected (1)

Product Vendor Version
n/a n/a < publication

References (46)