CVE-2024-49761

REXML ReDoS vulnerability

Severity Score

6.6

*CVSS v4

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Attend

*SSVC

Descriptions

REXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReDoS vulnerability when it parses an XML that has many digits between &# and x...; in a hex numeric character reference (&#x...;). This does not happen with Ruby 3.2 or later. Ruby 3.1 is the only affected maintained Ruby. The REXML gem 3.3.9 or later include the patch to fix the vulnerability.

*Credits: N/A

CVSS Scores

GitHubv4 6.6

Attack Vector

Network

Attack Complexity

Low

Attack Requirements

None

Privileges Required

None

User Interaction

None

System

Vulnerable | Subsequent

Confidentiality

None

Integrity

None

Availability

High

None

* Common Vulnerability Scoring System

SSVC

Decision:Attend

Exploitation

None

Automatable

Yes

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-10-18 CVE Reserved
2024-10-28 CVE Published
2024-10-28 CVE Updated
2024-11-06 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-1333: Inefficient Regular Expression Complexity

CAPEC

References (3)

URL	Tag	Source
https://github.com/ruby/rexml/commit/ce59f2eb1aeb371fe1643414f06618dbe031979f	X_refsource_misc
https://github.com/ruby/rexml/security/advisories/GHSA-2rxp-v6pw-ch6m	X_refsource_confirm
https://www.ruby-lang.org/en/news/2024/10/28/redos-rexml-cve-2024-49761	X_refsource_misc

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Ruby Search vendor "Ruby"		Rexml Search vendor "Ruby" for product "Rexml"				< 3.3.9 Search vendor "Ruby" for product "Rexml" and version " < 3.3.9"		en		Affected