logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2021-28965

Description

The REXML gem before 3.2.5 in Ruby before 2.6.7, 2.7.x before 2.7.3, and 3.x before 3.0.1 does not properly address XML round-trip issues. An incorrect document can be produced after parsing and serializing. #### Bugs * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986807> * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986806>


Affected Package


OS OS Version Package Name Package Version
ubuntu upstream ruby-rexml 3.2.5
ubuntu upstream ruby2.3 any
ubuntu 16.04 ruby2.3 2.3.1-2~ubuntu16.04.16
ubuntu upstream ruby2.5 2.5.9
ubuntu 20.04 ruby2.7 2.7.0-5ubuntu1.4
ubuntu 20.10 ruby2.7 2.7.1-3ubuntu1.3
ubuntu 21.04 ruby2.7 2.7.2-4ubuntu1.1
ubuntu 21.10 ruby2.7 2.7.3-2ubuntu1
ubuntu upstream ruby2.7 2.7.3

Related