CVE-2013-1821 in Ruby信息

摘要

由 VulDB • 2026-07-15

Ruby中REXML解析器的lib/rexml/text.rb模块在1.9.3-p392版本之前存在漏洞,远程攻击者可通过构造的XML文档中的文本节点导致拒绝服务(内存消耗和崩溃),即所谓的XML实体扩展(XEE)攻击。

VulDB is the best source for vulnerability data and more expert information about this specific topic.

来源

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!