CVE-2013-1821

Published: 09/04/2013 Updated: 08/12/2016
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

lib/rexml/text.rb in the REXML parser in Ruby prior to 1.9.3-p392 allows remote malicious users to cause a denial of service (memory consumption and crash) via crafted text nodes in an XML document, aka an XML Entity Expansion (XEE) attack.

Vulnerable Product

ruby-lang ruby 1.9.3

ruby-lang ruby 1.9.2

ruby-lang ruby

ruby-lang ruby 1.9.1

ruby-lang ruby 1.9

ruby-lang ruby 2.0.0

ruby-lang ruby 2.0

Vendor Advisories

Ruby could be made to hang if it received specially crafted input ...
Synopsis: Moderate: ruby security update. Type/Severity: Security Advisory: Moderate. Topic: Updated ruby packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring ...
Synopsis: Moderate: ruby security update. Type/Severity: Security Advisory: Moderate. Topic: Updated ruby packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring ...
Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may lead to denial of service and other security problems. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2013-1821: Ben Murphy discovered that unrestricted entity expansion in REXML can lead to a Denial of S ...
Several vulnerabilities have been discovered in the interpreter for the Ruby language. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2013-1821: Ben Murphy discovered that unrestricted entity expansion in REXML can lead to a Denial of Service by consuming all host memory. CVE-2013-4073: William (B ...
lib/rexml/text.rb in the REXML parser in Ruby before 1.9.3-p392 allows remote attackers to cause a denial of service (memory consumption and crash) via crafted text nodes in an XML document, aka an XML Entity Expansion (XEE) attack ...
It was discovered that Ruby's REXML library did not properly restrict XML entity expansion. An attacker could use this flaw to cause a denial of service by tricking a Ruby application using REXML to read text nodes from specially-crafted XML content, which will result in REXML consuming large amounts of system memory (CVE-2013-1821). It was found t ...