The REXML gem prior to 3.2.5 in Ruby prior to 2.6.7, 2.7.x prior to 2.7.3, and 3.x prior to 3.0.1 does not properly address XML round-trip issues. An incorrect document can be produced after parsing and serializing.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ruby-lang ruby |
||
ruby-lang rexml |
||
fedoraproject fedora 34 |