CVE-2024-41123
🔶 mediumSummary
REXML is an XML toolkit for Ruby. The REXML gem before 3.3.2 has some DoS vulnerabilities when it parses an XML that has many specific characters such as whitespace character, `>]` and `]>`. The REXML gem 3.3.3 or later include the patches to fix these vulnerabilities.
CVSS Score
5.3
Medium
EPSS Score
0.2
Exploit Probability
Published Date
2024-08-01
First Seen: 2026-01-05
📊 Relative Risk Intelligence
This CVE is Lower Risk - more severe than 19.7% of all 329,456 vulnerabilities in our database.
#264,595
Below average severity
Severity Percentile
🎯 CISA SSVC Assessment Updated: Aug 1, 2024
🔍 Exploitation Status
None
No known exploits
⚙️ Automatable
YES
Can be exploited automatically
💥 Technical Impact
Partial
Limited system impact
SSVC data provided by
CISA
Last Modified
2025-11-03
Source
NVD 🔗
CVSS Vector 3.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CWE IDs (Weakness Types)