Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Package Hub 15 SP6 package rubygem-rexml, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (6)
CVE-2024-49761 — CVSS 7.5 (high): REXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReDoS vulnerability when it parses an XML that has many digits between…
CVE-2024-43398 — CVSS 5.9 (medium): REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS vulnerability when it parses an XML that has many deep elements that…
CVE-2024-35176 — CVSS 5.3 (medium): REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a denial of service vulnerability when it parses an XML that has many `<`s…
CVE-2024-41123 — CVSS 5.3 (medium): REXML is an XML toolkit for Ruby. The REXML gem before 3.3.2 has some DoS vulnerabilities when it parses an XML that has many specific…
CVE-2024-41946 — CVSS 5.3 (medium): REXML is an XML toolkit for Ruby. The REXML gem 3.3.2 has a DoS vulnerability when it parses an XML that has many entity expansions with…
CVE-2024-39908 — CVSS 4.3 (medium): REXML is an XML toolkit for Ruby. The REXML gem before 3.3.1 has some DoS vulnerabilities when it parses an XML that has many specific…