There is a DoS vulnerability in REXML gem. This vulnerability has been assigned the CVE identifier CVE-2025-58767. We strongly recommend upgrading the REXML gem. Details Parsing invalid XML containing multiple XML declarations may cause increased execution time and memory usage. Please update REXML gem to version 3.4.2 or later. Affected versions REXML gem from 3.3.3 to 3.4.1 Credits Thanks to Sofi Aberegg for discovering this issue. History Originally published at 2025-09-18 03:00:00 (UTC) P...
