[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2014-8090":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":18,"aliases":28,"duplicate_of":9,"upstream":29,"downstream":30,"duplicates":59,"related":60,"reserved_at":9,"published_at":62,"modified_at":63,"state":64,"summary":65,"references_raw":72,"kevs":167,"epss":168,"epss_history":171,"metrics":420,"affected":425},"CVE-2014-8090","The REXML parser in Ruby 1.9.x before 1.9.3 patchlevel 551, 2.0.x before 2.0.0 patchlevel 598, and 2.1.x before 2.1.5 allows remote attackers to cause a denial of service (CPU and memory consumption) a crafted XML document containing an empty string in an entity that is used in a large number of nested entity references, aka an XML Entity Expansion (XEE) attack.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-1821 and CVE-2014-8080.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":9,"likelihood_of_exploit":9,"capec":17},"NVD-CWE-OTHER","Other","NVD uses this CWE ID when the weakness does not map to any existing CWE entry.","placeholder","NVD-Reserved",[],[19],{"_key":20,"name":21,"source":22,"url":23,"maturity":24,"reliability_score":25,"verified":26,"type":9,"platforms":27,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_1619B14112CC642A","Exploit Reference (ruby-lang.org)","reference","https://www.ruby-lang.org/en/news/2014/11/13/rexml-dos-cve-2014-8090/","unknown",0.2,false,[],[],[],[31,33,35,37,39,41,43,45,47,49,51,53,55,57],{"_key":32},"DLA-200-1",{"_key":34},"DLA-88-1",{"_key":36},"DSA-3157-1",{"_key":38},"DSA-3159-1",{"_key":40},"MGASA-2014-0472",{"_key":42},"UBUNTU-CVE-2014-8090",{"_key":44},"USN-2412-1",{"_key":46},"RHSA-2014:1911",{"_key":48},"RHSA-2014:1912",{"_key":50},"RHSA-2014:1913",{"_key":52},"RHSA-2014:1914",{"_key":54},"RHSA-2026:7305",{"_key":56},"RHSA-2026:7307",{"_key":58},"RHSA-2026:8838",[],[61],{"_key":40},"2014-11-21T15:00:00.000Z","2024-08-06T13:10:50.067Z","Modified",{"cisa_kev":26,"cisa_ransomware":26,"cisa_vendor":9,"epss_severity":66,"epss_score":67,"severity":66,"severity_score":68,"severity_version":69,"severity_source":70,"severity_vector":71,"severity_status":64},"medium",0.11898,5,"v2.0","nvd","AV:N/AC:L/Au:N/C:N/I:N/A:P",[73,80,86,91,96,100,105,110,114,118,122,126,130,134,140,144,149,155,159,163],{"url":74,"sources":75,"tags":77},"http://lists.opensuse.org/opensuse-updates/2014-12/msg00035.html",[76,70],"cve.org",[78,79],"Vendor Advisory","X Refsource SUSE",{"url":81,"sources":82,"tags":83},"http://secunia.com/advisories/59948",[76,70],[84,85],"Third Party Advisory","X Refsource SECUNIA",{"url":87,"sources":88,"tags":89},"http://rhn.redhat.com/errata/RHSA-2014-1912.html",[76,70],[78,90],"X Refsource REDHAT",{"url":92,"sources":93,"tags":94},"http://www.debian.org/security/2015/dsa-3159",[76,70],[78,95],"X Refsource DEBIAN",{"url":97,"sources":98,"tags":99},"http://secunia.com/advisories/62050",[76,70],[84,85],{"url":101,"sources":102,"tags":103},"http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html",[76,70],[78,104],"X Refsource APPLE",{"url":106,"sources":107,"tags":108},"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",[76,70],[109],"X Refsource CONFIRM",{"url":111,"sources":112,"tags":113},"http://rhn.redhat.com/errata/RHSA-2014-1913.html",[76,70],[78,90],{"url":115,"sources":116,"tags":117},"https://support.apple.com/HT205267",[76,70],[109],{"url":119,"sources":120,"tags":121},"http://rhn.redhat.com/errata/RHSA-2014-1911.html",[76,70],[78,90],{"url":123,"sources":124,"tags":125},"http://www.debian.org/security/2015/dsa-3157",[76,70],[78,95],{"url":127,"sources":128,"tags":129},"http://advisories.mageia.org/MGASA-2014-0472.html",[76,70],[109],{"url":23,"sources":131,"tags":132},[76,70],[109,133,78],"Exploit",{"url":135,"sources":136,"tags":137},"http://www.ubuntu.com/usn/USN-2412-1",[76,70],[78,138,139],"X Refsource UBUNTU","Patch",{"url":141,"sources":142,"tags":143},"http://secunia.com/advisories/62748",[76,70],[84,85],{"url":145,"sources":146,"tags":147},"http://www.mandriva.com/security/advisories?name=MDVSA-2015:129",[76,70],[78,148],"X Refsource MANDRIVA",{"url":150,"sources":151,"tags":152},"http://www.securityfocus.com/bid/71230",[76,70],[153,154],"VDB Entry","X Refsource BID",{"url":156,"sources":157,"tags":158},"http://lists.opensuse.org/opensuse-updates/2015-01/msg00004.html",[76,70],[78,79],{"url":160,"sources":161,"tags":162},"http://rhn.redhat.com/errata/RHSA-2014-1914.html",[76,70],[78,90],{"url":164,"sources":165,"tags":166},"http://lists.opensuse.org/opensuse-updates/2015-01/msg00000.html",[76,70],[78,79],[],{"date":169,"score":67,"percentile":170},"2026-06-04",0.93876,[172,176,179,181,184,186,189,191,194,197,200,203,206,208,210,213,216,219,222,225,228,231,234,237,239,241,244,246,249,252,255,258,261,264,267,270,273,276,279,282,285,288,290,293,296,299,301,304,307,309,312,315,318,320,324,326,328,330,333,336,339,342,345,347,349,351,354,356,359,362,364,367,370,372,375,378,381,384,387,390,393,396,398,401,404,406,409,412,414,417],{"date":173,"score":174,"percentile":175},"2025-11-04",0.10488,0.92906,{"date":177,"score":174,"percentile":178},"2025-11-05",0.92907,{"date":180,"score":174,"percentile":178},"2025-11-06",{"date":182,"score":174,"percentile":183},"2025-11-07",0.92912,{"date":185,"score":174,"percentile":183},"2025-11-08",{"date":187,"score":174,"percentile":188},"2025-11-09",0.92911,{"date":190,"score":174,"percentile":188},"2025-11-10",{"date":192,"score":174,"percentile":193},"2025-11-11",0.92916,{"date":195,"score":174,"percentile":196},"2025-11-12",0.92922,{"date":198,"score":174,"percentile":199},"2025-11-13",0.92926,{"date":201,"score":174,"percentile":202},"2025-11-14",0.92928,{"date":204,"score":174,"percentile":205},"2025-11-15",0.92923,{"date":207,"score":174,"percentile":202},"2025-11-16",{"date":209,"score":174,"percentile":199},"2025-11-17",{"date":211,"score":174,"percentile":212},"2025-11-18",0.92487,{"date":214,"score":174,"percentile":215},"2025-11-19",0.9249,{"date":217,"score":174,"percentile":218},"2025-11-20",0.92494,{"date":220,"score":174,"percentile":221},"2025-11-21",0.92943,{"date":223,"score":174,"percentile":224},"2025-11-22",0.92941,{"date":226,"score":174,"percentile":227},"2025-11-23",0.92945,{"date":229,"score":174,"percentile":230},"2025-11-24",0.92946,{"date":232,"score":174,"percentile":233},"2025-11-25",0.92949,{"date":235,"score":174,"percentile":236},"2025-11-26",0.92948,{"date":238,"score":174,"percentile":230},"2025-11-27",{"date":240,"score":174,"percentile":224},"2025-11-28",{"date":242,"score":174,"percentile":243},"2025-11-29",0.92955,{"date":245,"score":174,"percentile":243},"2025-11-30",{"date":247,"score":174,"percentile":248},"2025-12-01",0.93001,{"date":250,"score":174,"percentile":251},"2025-12-02",0.93006,{"date":253,"score":174,"percentile":254},"2025-12-03",0.93009,{"date":256,"score":174,"percentile":257},"2025-12-04",0.92963,{"date":259,"score":174,"percentile":260},"2025-12-05",0.92967,{"date":262,"score":174,"percentile":263},"2025-12-06",0.92968,{"date":265,"score":174,"percentile":266},"2025-12-07",0.92965,{"date":268,"score":174,"percentile":269},"2025-12-08",0.92969,{"date":271,"score":174,"percentile":272},"2025-12-09",0.92972,{"date":274,"score":174,"percentile":275},"2025-12-10",0.92979,{"date":277,"score":174,"percentile":278},"2025-12-11",0.92983,{"date":280,"score":174,"percentile":281},"2025-12-12",0.92987,{"date":283,"score":174,"percentile":284},"2025-12-13",0.92978,{"date":286,"score":174,"percentile":287},"2025-12-14",0.92975,{"date":289,"score":174,"percentile":284},"2025-12-15",{"date":291,"score":174,"percentile":292},"2025-12-16",0.92988,{"date":294,"score":174,"percentile":295},"2025-12-17",0.92994,{"date":297,"score":174,"percentile":298},"2025-12-18",0.92997,{"date":300,"score":174,"percentile":298},"2025-12-19",{"date":302,"score":174,"percentile":303},"2025-12-20",0.92992,{"date":305,"score":174,"percentile":306},"2025-12-21",0.92993,{"date":308,"score":174,"percentile":292},"2025-12-22",{"date":310,"score":174,"percentile":311},"2025-12-23",0.9299,{"date":313,"score":174,"percentile":314},"2025-12-24",0.92995,{"date":316,"score":174,"percentile":317},"2025-12-25",0.92998,{"date":319,"score":174,"percentile":298},"2025-12-26",{"date":321,"score":322,"percentile":323},"2025-12-27",0.09242,0.92486,{"date":325,"score":174,"percentile":303},"2025-12-28",{"date":327,"score":174,"percentile":311},"2025-12-29",{"date":329,"score":174,"percentile":306},"2025-12-30",{"date":331,"score":174,"percentile":332},"2025-12-31",0.92999,{"date":334,"score":174,"percentile":335},"2026-01-01",0.93051,{"date":337,"score":174,"percentile":338},"2026-01-02",0.93045,{"date":340,"score":174,"percentile":341},"2026-01-03",0.93044,{"date":343,"score":174,"percentile":344},"2026-01-04",0.93003,{"date":346,"score":174,"percentile":248},"2026-01-05",{"date":348,"score":174,"percentile":344},"2026-01-06",{"date":350,"score":174,"percentile":344},"2026-01-07",{"date":352,"score":174,"percentile":353},"2026-01-08",0.93004,{"date":355,"score":174,"percentile":254},"2026-01-09",{"date":357,"score":174,"percentile":358},"2026-01-10",0.93016,{"date":360,"score":174,"percentile":361},"2026-01-11",0.93014,{"date":363,"score":174,"percentile":361},"2026-01-12",{"date":365,"score":174,"percentile":366},"2026-01-13",0.93013,{"date":368,"score":174,"percentile":369},"2026-01-14",0.93021,{"date":371,"score":174,"percentile":369},"2026-01-15",{"date":373,"score":174,"percentile":374},"2026-01-16",0.93026,{"date":376,"score":174,"percentile":377},"2026-01-17",0.93029,{"date":379,"score":174,"percentile":380},"2026-01-18",0.93022,{"date":382,"score":174,"percentile":383},"2026-01-19",0.93023,{"date":385,"score":174,"percentile":386},"2026-01-20",0.93025,{"date":388,"score":174,"percentile":389},"2026-01-21",0.93032,{"date":391,"score":174,"percentile":392},"2026-01-22",0.93035,{"date":394,"score":174,"percentile":395},"2026-01-23",0.9304,{"date":397,"score":174,"percentile":338},"2026-01-24",{"date":399,"score":174,"percentile":400},"2026-01-25",0.93046,{"date":402,"score":174,"percentile":403},"2026-01-26",0.93048,{"date":405,"score":174,"percentile":335},"2026-01-27",{"date":407,"score":174,"percentile":408},"2026-01-28",0.93055,{"date":410,"score":174,"percentile":411},"2026-01-29",0.93054,{"date":413,"score":174,"percentile":411},"2026-01-30",{"date":415,"score":174,"percentile":416},"2026-01-31",0.93056,{"date":418,"score":174,"percentile":419},"2026-02-01",0.93094,[421],{"source":70,"cvss_v2_0":422,"cvss_v3_0":9,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":68,"baseSeverity":9,"vectorString":71,"impactScore":423,"exploitabilityScore":424},2.9,10,[426],{"ecosystem":9,"name":427,"vendor":428,"product":427,"cpe_part":429,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":430},"ruby","ruby-lang","a",[431,437,438,440,442,444,446,448,450,452,454,456,458,460,462,464,466,468,470,472,474,476,478,480,482,484],{"version":432,"is_range":433,"range_type":434,"version_start":9,"version_start_type":9,"version_end":435,"version_end_type":436,"fixed_in":9},"lte1.9.3",true,"cpe","1.9.3","including",{"version":435,"is_range":26,"range_type":434,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":439,"is_range":26,"range_type":434,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.9.3:p0",{"version":441,"is_range":26,"range_type":434,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.9.3:p125",{"version":443,"is_range":26,"range_type":434,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.9.3:p194",{"version":445,"is_range":26,"range_type":434,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.9.3:p286",{"version":447,"is_range":26,"range_type":434,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.9.3:p383",{"version":449,"is_range":26,"range_type":434,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.9.3:p385",{"version":451,"is_range":26,"range_type":434,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.9.3:p392",{"version":453,"is_range":26,"range_type":434,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.9.3:p426",{"version":455,"is_range":26,"range_type":434,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.9.3:p429",{"version":457,"is_range":26,"range_type":434,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.9.3:p448",{"version":459,"is_range":26,"range_type":434,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.9.3:p545",{"version":461,"is_range":26,"range_type":434,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.9.3:p547",{"version":463,"is_range":26,"range_type":434,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"2.0.0",{"version":465,"is_range":26,"range_type":434,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"2.0.0:p0",{"version":467,"is_range":26,"range_type":434,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"2.0.0:p195",{"version":469,"is_range":26,"range_type":434,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"2.0.0:p247",{"version":471,"is_range":26,"range_type":434,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"2.0.0:p451",{"version":473,"is_range":26,"range_type":434,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"2.0.0:p481",{"version":475,"is_range":26,"range_type":434,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"2.0.0:p576",{"version":477,"is_range":26,"range_type":434,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"2.0.0:p594",{"version":479,"is_range":26,"range_type":434,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"2.1.1",{"version":481,"is_range":26,"range_type":434,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"2.1.2",{"version":483,"is_range":26,"range_type":434,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"2.1.3",{"version":485,"is_range":26,"range_type":434,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"2.1.4"]