Search CVE reports
1 result
CVE-2021-28965
Medium prioritySome fixes available 6 of 9
The REXML gem before 3.2.5 in Ruby before 2.6.7, 2.7.x before 2.7.3, and 3.x before 3.0.1 does not properly address XML round-trip issues. An incorrect document can be produced after parsing and serializing.
4 affected packages
ruby-rexml, ruby2.3, ruby2.5, ruby2.7
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ruby-rexml | — | Not in release | Not in release | Not in release | Not in release |
ruby2.3 | — | Not in release | Not in release | Not in release | Fixed |
ruby2.5 | — | Not in release | Not in release | Fixed | Not in release |
ruby2.7 | — | — | Fixed | Not in release | Not in release |