logo
DATABASE RESOURCES PRICING ABOUT US

XML Injection

Description

ruby is vulnerable to XML injection. The vulnerability exists due to REXML gem creating a wrong XML document whose structure is different from the original one.


Affected Software


CPE Name Name Version
ruby:3.11 2.6.6-r2
ruby:3.11 2.6.6-r3
ruby:3.10 2.5.8-r1
ruby:3.10 2.5.8-r0
ruby:3.10 2.5.7-r0
ruby:3.12 2.7.2-r0
ruby:3.12 2.7.2-r1
ruby:3.12 2.7.1-r3
ruby:3.13 2.7.2-r3
ruby:3.13 2.7.2-r4
ruby2.7:sid 2.7.2-3
ruby2.7:bullseye 2.7.2-3
ruby:edge 2.6.5-r2
ruby:edge 2.6.6-r4
ruby:edge 2.7.1-r3
ruby:edge 2.7.2-r4
ruby:edge 2.6.6-r2
ruby:edge 2.7.2-r3
ruby2.7:focal 2.7.0-5ubuntu1.2
ruby2.7:focal 2.7.0-5ubuntu1
ruby2.7:focal 2.7.0-5ubuntu1.1
ruby2.7:hirsute 2.7.2-3
ruby2.5:bionic 2.5.1-1ubuntu1.7
ruby2.5:bionic 2.5.1-1ubuntu1
ruby2.5:bionic 2.5.1-1ubuntu1.6
ruby2.3:xenial 2.3.0-5ubuntu1
ruby2.3:xenial 2.3.1-2~ubuntu16.04.14
ruby2.7:groovy 2.7.1-3build1
ruby2.7:groovy 2.7.1-3ubuntu1
ruby2.7:groovy 2.7.1-3ubuntu1.1
rh-ruby25-ruby 2.5.3__6.el7
rh-ruby25-ruby 2.5.5__7.el7
rh-ruby25-ruby 2.5.0__5.el7
rh-ruby26-ruby 2.6.2__118.el7
ruby2.7:devel 2.7.2-4
ruby2.7:devel 2.7.1-3build1
ruby2.7:devel 2.7.1-3
ruby2.7:devel 2.7.2-3
ruby2.5:buster 2.5.5-3+deb10u3
ruby2.5:buster 2.5.5-3+deb10u2
ruby 2.0.0.598__25.ael7b_1
ruby 1.8.7.352__10.el6_4
ruby 2.0.0.648__39.el7_9
ruby 1.8.7.299__5.el6_0.1
ruby 1.8.7.352__12.el6_4
ruby 2.4.6__91.el7cf
ruby 1.8.7.299__7.el6_1.1
ruby 1.8.7.299__4.el6
ruby 2.4.5__90.el7cf
ruby 1.8.7.374__5.el6
ruby 1.8.7.352__4.el6_2
ruby 1.8.7.352__7.el6_2
ruby 2.0.0.648__35.el7_6
ruby 1.8.7.352__6.el6
ruby 1.8.7.299__7.el6
ruby 2.4.9__93.el7cf
ruby 1.8.7.374__4.el6_6
ruby 2.0.0.648__36.el7
ruby 2.0.0.648__34.el7_6
ruby 1.8.7.374__3.el6_6
ruby 1.8.7.352__13.el6
ruby 1.8.7.374__2.el6
ruby 1.8.7.352__3.el6

Related