Internet Bug Bounty: CVE-2024-49761: ReDoS vulnerability in REXML

CVE-2024-49761 was a ReDoS vulnerability in the REXML gem. The vulnerability was caused by the parsing of XML input with many digits between "&#" and "x…;" in a hex numeric character reference. This issue was resolved by updating the REXML gem to version 3.3.9 or…Read More