Lines 78-83
Notes:
Link Here
|
78 |
* Do not forget port variants (linux-f10-libxml2, libxml2, etc.) |
78 |
* Do not forget port variants (linux-f10-libxml2, libxml2, etc.) |
79 |
--> |
79 |
--> |
80 |
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> |
80 |
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> |
|
|
81 |
<vuln vid="dec7e4b6-961a-11eb-9c34-080027f515ea"> |
82 |
<topic>ruby -- XML round-trip vulnerability in REXML</topic> |
83 |
<affects> |
84 |
<package> |
85 |
<name>ruby</name> |
86 |
<range><ge>2.5.0,1</ge><lt>2.5.9,1</lt></range> |
87 |
<range><ge>2.6.0,1</ge><lt>2.6.7,1</lt></range> |
88 |
<range><ge>2.7.0,1</ge><lt>2.7.3,1</lt></range> |
89 |
<range><ge>3.0.0.p1,1</ge><lt>3.0.1,1</lt></range> |
90 |
</package> |
91 |
<package> |
92 |
<name>rubygem-rexml</name> |
93 |
<range><lt>3.2.5</lt></range> |
94 |
</package> |
95 |
</affects> |
96 |
<description> |
97 |
<body xmlns="http://www.w3.org/1999/xhtml"> |
98 |
<p>Juho Nurminen reports:</p> |
99 |
<blockquote cite="https://www.ruby-lang.org/en/news/2021/04/05/xml-round-trip-vulnerability-in-rexml-cve-2021-28965/"> |
100 |
<p> |
101 |
When parsing and serializing a crafted XML document, REXML gem |
102 |
(including the one bundled with Ruby) can create a wrong XML |
103 |
document whose structure is different from the original one. |
104 |
The impact of this issue highly depends on context, but it may |
105 |
lead to a vulnerability in some programs that are using REXML. |
106 |
</p> |
107 |
</blockquote> |
108 |
</body> |
109 |
</description> |
110 |
<references> |
111 |
<cvename>CVE-2021-28965</cvename> |
112 |
<url>https://www.ruby-lang.org/en/news/2021/04/05/xml-round-trip-vulnerability-in-rexml-cve-2021-28965/</url> |
113 |
</references> |
114 |
<dates> |
115 |
<discovery>2021-04-05</discovery> |
116 |
<entry>2021-04-05</entry> |
117 |
</dates> |
118 |
</vuln> |
119 |
|
81 |
<vuln vid="bddadaa4-9227-11eb-99c5-e09467587c17"> |
120 |
<vuln vid="bddadaa4-9227-11eb-99c5-e09467587c17"> |
82 |
<topic>chromium -- multiple vulnerabilities</topic> |
121 |
<topic>chromium -- multiple vulnerabilities</topic> |
83 |
<affects> |
122 |
<affects> |
84 |
- |
|
|