UbuntuUpdates.org

Bugs fixes in "ruby3.2"

Origin Bug number Title Date fixed
CVE CVE-2024-41123 REXML is an XML toolkit for Ruby. The REXML gem before 3.3.2 has some DoS vulnerabilities when it parses an XML that has many specific characters suc 2024-11-05
CVE CVE-2024-39908 REXML is an XML toolkit for Ruby. The REXML gem before 3.3.1 has some DoS vulnerabilities when it parses an XML that has many specific characters suc 2024-11-05
CVE CVE-2024-49761 REXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReDoS vulnerability when it parses an XML that has many digits between &# and x... 2024-11-05
CVE CVE-2024-41946 REXML is an XML toolkit for Ruby. The REXML gem 3.3.2 has a DoS vulnerability when it parses an XML that has many entity expansions with SAX2 or pull 2024-11-05
CVE CVE-2024-35176 REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a denial of service vulnerability when it parses an XML that has many `<`s in an att 2024-11-05
CVE CVE-2024-41123 REXML is an XML toolkit for Ruby. The REXML gem before 3.3.2 has some DoS vulnerabilities when it parses an XML that has many specific characters suc 2024-11-05
CVE CVE-2024-39908 REXML is an XML toolkit for Ruby. The REXML gem before 3.3.1 has some DoS vulnerabilities when it parses an XML that has many specific characters suc 2024-11-05
CVE CVE-2024-49761 REXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReDoS vulnerability when it parses an XML that has many digits between &# and x... 2024-11-05
CVE CVE-2024-41946 REXML is an XML toolkit for Ruby. The REXML gem 3.3.2 has a DoS vulnerability when it parses an XML that has many entity expansions with SAX2 or pull 2024-11-05
CVE CVE-2024-35176 REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a denial of service vulnerability when it parses an XML that has many `<`s in an att 2024-11-05
CVE CVE-2024-27282 An issue was discovered in Ruby 3.x through 3.3.0. If attacker-supplied data is provided to the Ruby regex compiler, it is possible to extract arbitr 2024-06-17
CVE CVE-2024-27281 An issue was discovered in RDoc 6.3.3 through 6.6.2, as distributed in Ruby 3.x through 3.3.0. When parsing .rdoc_options (used for configuration in 2024-06-17
CVE CVE-2024-27282 An issue was discovered in Ruby 3.x through 3.3.0. If attacker-supplied data is provided to the Ruby regex compiler, it is possible to extract arbitr 2024-06-17
CVE CVE-2024-27281 An issue was discovered in RDoc 6.3.3 through 6.6.2, as distributed in Ruby 3.x through 3.3.0. When parsing .rdoc_options (used for configuration in 2024-06-17



About   -   Send Feedback to @ubuntu_updates