CVE-2013-1821

Priority
Description
lib/rexml/text.rb in the REXML parser in Ruby before 1.9.3-p392 allows
remote attackers to cause a denial of service (memory consumption and
crash) via crafted text nodes in an XML document, aka an XML Entity
Expansion (XEE) attack.
Assigned-to
mdeslaur
Notes
Package
Upstream:released (1.8.7.358-7)
Package
Upstream:released (1.9.3 patchlevel 392,1.9.3.194-8.1)
Patches:
Upstream:http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=39384
More Information

Updated: 2019-12-05 21:03:29 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)