ALPINE-CVE-2021-28965

The REXML gem before 3.2.5 in Ruby before 2.6.7, 2.7.x before 2.7.3, and 3.x before 3.0.1 does not properly address XML round-trip issues. An incorrect document can be produced after parsing and serializing...

AZL-6860 CVE-2021-28965 affecting package ruby for versions less than 2.7.4-1

The REXML gem before 3.2.5 in Ruby before 2.6.7, 2.7.x before 2.7.3, and 3.x before 3.0.1 does not properly address XML round-trip issues. An incorrect document can be produced after parsing and serializing...

PT-2021-5813

Name of the Vulnerable Software and Affected Versions REXML gem versions prior to 3.2.5 in Ruby versions prior to 2.6.7 REXML gem versions prior to 3.2.5 in Ruby versions 2.7.x prior to 2.7.3 REXML gem versions prior to 3.2.5 in Ruby versions 3.x prior to 3.0.1 Description The issue is related to...

DEBIAN-CVE-2021-21366

xmldom is a pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and XMLSerializer module. xmldom versions 0.4.0 and older do not correctly preserve system identifiers, FPIs or namespaces when repeatedly parsing and serializing maliciously crafted documents. This may lead to unexpect...