Your submission was sent successfully! Close

CVE-2021-28965

Published: 12 April 2021

The REXML gem before 3.2.5 in Ruby before 2.6.7, 2.7.x before 2.7.3, and 3.x before 3.0.1 does not properly address XML round-trip issues. An incorrect document can be produced after parsing and serializing.

Priority

Medium

CVSS 3 base score: 7.5

Status

Package Release Status
ruby-rexml
Launchpad, Ubuntu, Debian
bionic Does not exist

focal Does not exist

groovy Ignored
(reached end-of-life)
hirsute Ignored
(reached end-of-life)
impish Needed

jammy Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (3.2.5)
xenial Does not exist

ruby2.3
Launchpad, Ubuntu, Debian
bionic Does not exist

focal Does not exist

groovy Does not exist

hirsute Does not exist

impish Does not exist

jammy Does not exist

precise Does not exist

trusty Does not exist

upstream Needs triage

xenial
Released (2.3.1-2~ubuntu16.04.16)
ruby2.5
Launchpad, Ubuntu, Debian
bionic
Released (2.5.1-1ubuntu1.9)
focal Does not exist

groovy Does not exist

hirsute Does not exist

impish Does not exist

jammy Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (2.5.9)
xenial Does not exist

ruby2.7
Launchpad, Ubuntu, Debian
bionic Does not exist

focal
Released (2.7.0-5ubuntu1.4)
groovy
Released (2.7.1-3ubuntu1.3)
hirsute
Released (2.7.2-4ubuntu1.1)
impish
Released (2.7.3-2ubuntu1)
precise Does not exist

trusty Does not exist

upstream
Released (2.7.3)
xenial Does not exist