16May
CVE-2024-35176 | rexml Gem up to 3.2.6 on Ruby XML Data Parser attribute resource consumption (GHSA-vg3r-rm7w-2xgh)
A vulnerability, which was classified as problematic, was found in rexml Gem up to 3.2.6 on Ruby. This affects an unknown part of the component XML Data Parser. The manipulation of the argument attribute with the input< leads to resource consumption.
This vulnerability is uniquely identified as CVE-2024-35176. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
