5 matches found
BIT-RUBY-2021-28965
The REXML gem before 3.2.5 in Ruby before 2.6.7, 2.7.x before 2.7.3, and 3.x before 3.0.1 does not properly address XML round-trip issues. An incorrect document can be produced after parsing and serializing...
AlmaLinux 8 : ruby:2.7 (ALSA-2021:2584)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:2584 advisory. ruby: Potential HTTP request smuggling in WEBrick CVE-2020-25613 ruby: XML round-trip vulnerability in REXML CVE-2021-28965 Tenable has extracted the...
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2021-2281)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP9 : ruby (EulerOS-SA-2021-2281)
According to the version of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The REXML gem before 3.2.5 in Ruby before 2.6.7, 2.7.x before 2.7.3, and 3.x before 3.0.1 does not properly address XML round-trip issues. An incorre...
CVE-2021-28965
The REXML gem before 3.2.5 in Ruby before 2.6.7, 2.7.x before 2.7.3, and 3.x before 3.0.1 does not properly address XML round-trip issues. An incorrect document can be produced after parsing and serializing...