Moderate severity vulnerability that affects activesupport

Withdrawn, accidental duplicate publish.

The (1) jdom.rb and (2) rexml.rb components in Active Support in Ruby on Rails before 4.1.11 and 4.2.x before 4.2.2, when JDOM or REXML is enabled, allow remote attackers to cause a denial of service (SystemStackError) via a large XML document depth.

Published: Sep 17, 2018
Updated: Apr 14, 2023
GHSA: GHSA-35c4-f3rq-f9g3
Severity: Medium
Exploit:

No technical information available.

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
activesupport	4.0.0	4.1.11
activesupport	4.2.0	4.2.2
activesupport	3.2.0	3.2.22

No references available.

Vulnerability Database

289,784

Moderate severity vulnerability that affects activesupport