CVE-2021-28965
gem/rexml
Improper Restriction of XML External Entity Reference
The REXML gem does not properly address XML round-trip issues. An incorrect document can be produced after parsing and serializing.
All versions before 3.2.5
Upgrade to version 3.2.5 or above.
2021-04-30
source |