{"id":"CLSA-2026-1768814484","summary":"ruby: Fix of CVE-2025-58767","details":"- CVE-2025-58767: fixed REXML to reject duplicate XML declarations and validate\n  declaration attributes to protect from DoS","modified":"2026-05-27T11:16:43.990829438Z","published":"2026-01-19T09:21:27Z","upstream":["CVE-2025-58767"],"references":[{"type":"ADVISORY","url":"https://errata.tuxcare.com/els_os/almalinux9.2esu/CLSA-2026-1768814484.html"}],"affected":[{"package":{"name":"ruby","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/ruby?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.0.4-160.el9_0.tuxcare.els10"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1768814484.json"}},{"package":{"name":"ruby-default-gems","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/ruby-default-gems?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.0.4-160.el9_0.tuxcare.els10"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1768814484.json"}},{"package":{"name":"ruby-devel","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/ruby-devel?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.0.4-160.el9_0.tuxcare.els10"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1768814484.json"}},{"package":{"name":"ruby-doc","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/ruby-doc?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.0.4-160.el9_0.tuxcare.els10"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1768814484.json"}},{"package":{"name":"ruby-libs","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/ruby-libs?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.0.4-160.el9_0.tuxcare.els10"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1768814484.json"}},{"package":{"name":"rubygem-bigdecimal","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/rubygem-bigdecimal?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.0.0-160.el9_0.tuxcare.els10"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1768814484.json"}},{"package":{"name":"rubygem-bundler","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/rubygem-bundler?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.2.33-160.el9_0.tuxcare.els10"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1768814484.json"}},{"package":{"name":"rubygem-io-console","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/rubygem-io-console?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.5.7-160.el9_0.tuxcare.els10"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1768814484.json"}},{"package":{"name":"rubygem-irb","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/rubygem-irb?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.3.5-160.el9_0.tuxcare.els10"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1768814484.json"}},{"package":{"name":"rubygem-json","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/rubygem-json?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.5.1-160.el9_0.tuxcare.els10"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1768814484.json"}},{"package":{"name":"rubygem-minitest","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/rubygem-minitest?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.14.2-160.el9_0.tuxcare.els10"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1768814484.json"}},{"package":{"name":"rubygem-power_assert","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/rubygem-power_assert?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.2.0-160.el9_0.tuxcare.els10"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1768814484.json"}},{"package":{"name":"rubygem-psych","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/rubygem-psych?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.3.2-160.el9_0.tuxcare.els10"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1768814484.json"}},{"package":{"name":"rubygem-rake","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/rubygem-rake?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"13.0.3-160.el9_0.tuxcare.els10"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1768814484.json"}},{"package":{"name":"rubygem-rbs","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/rubygem-rbs?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.4.0-160.el9_0.tuxcare.els10"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1768814484.json"}},{"package":{"name":"rubygem-rdoc","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/rubygem-rdoc?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.3.3-160.el9_0.tuxcare.els10"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1768814484.json"}},{"package":{"name":"rubygem-rexml","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/rubygem-rexml?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.3.3-160.el9_0.tuxcare.els10"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1768814484.json"}},{"package":{"name":"rubygem-rss","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/rubygem-rss?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.2.9-160.el9_0.tuxcare.els10"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1768814484.json"}},{"package":{"name":"rubygem-test-unit","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/rubygem-test-unit?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.3.7-160.el9_0.tuxcare.els10"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1768814484.json"}},{"package":{"name":"rubygem-typeprof","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/rubygem-typeprof?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.15.2-160.el9_0.tuxcare.els10"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1768814484.json"}},{"package":{"name":"rubygems","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/rubygems?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.2.33-160.el9_0.tuxcare.els10"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1768814484.json"}},{"package":{"name":"rubygems-devel","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/rubygems-devel?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.2.33-160.el9_0.tuxcare.els10"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1768814484.json"}}],"schema_version":"1.7.5"}