VDB
DEBIAN-CVE-2025-58767
DEBIAN-CVE-2025-58767
PUBLISHED
CVSS 5.300000190734863 MEDIUM
REXML is an XML toolkit for Ruby. The REXML gems from 3.3.3 to 3.4.1 has a DoS vulnerability when parsing XML containing multiple XML declarations. If you need to parse untrusted XMLs, you may be impacted to these vulnerabilities. The REXML gem 3.4.2 or later include the patches to fix these vulnerabilities.
Risk Scores
CVSS v3.1
5.300000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:13 | ruby3.3 | 0, 3.3.8-2, 0 |
| Debian:14 | ruby3.3 | 0, 3.3.8-2, 0 |
| Debian:11 | ruby2.7 | 0, 2.7.4-1, 2.7.4-1+deb11u1 |
Timeline
- Sep 17, 2025 CVE Published
- Apr 28, 2026 CVE Updated