Astra Linux – Vulnerability in Ruby 2.5
REXML is an XML toolkit for Ruby. The REXML gem prior to version 3.3.9 has a ReDoS vulnerability when it parses an XML document containing many digits between “&” and “x”… in a hexadecimal character reference such as “&…”. This issue does not occur in Ruby 3.2 or later versions. Ruby 3.1 is the...