logstash-jre-bcfips
8.15.1-r0
7.5
CVSS V3
REXML DoS vulnerability
The REXML gem before 3.3.2 has some DoS vulnerabilities when it parses an XML that has many specific characters such as whitespace character, >]
and ]>
.
If you need to parse untrusted XMLs, you may be impacted to these vulnerabilities.
The REXML gem 3.3.3 or later include the patches to fix these vulnerabilities.
Don't parse untrusted XMLs.