logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2021-28965

Description

The REXML gem before 3.2.5 in Ruby before 2.6.7, 2.7.x before 2.7.3, and 3.x before 3.0.1 does not properly address XML round-trip issues. An incorrect document can be produced after parsing and serializing.


Affected Software


CPE Name Name Version
ruby-lang:rexml ruby-lang rexml 3.2.5
ruby-lang:ruby ruby-lang ruby 2.6.7
ruby-lang:ruby ruby-lang ruby 2.7.3
ruby-lang:ruby ruby-lang ruby 3.0.1
fedoraproject:fedora fedoraproject fedora 34

Related