lib/rexml/text.rb in the REXML parser in Ruby before 1.9.3-p392 allows remote attackers to cause a denial of service (memory consumption and crash) via crafted text nodes in an XML document, aka an XML Entity Expansion (XEE) attack.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2013-04-09T21:00:00
Updated: 2016-12-06T13:57:01
Reserved: 2013-02-19T00:00:00
Link: CVE-2013-1821
JSON object: View
NVD Information
Status : Modified
Published: 2013-04-09T21:55:01.113
Modified: 2016-12-08T03:03:10.787
Link: CVE-2013-1821
JSON object: View
Redhat Information
No data.
CWE