CVE-2025-58767: REXML has a DoS condition when parsing malformed XML file

Published Sep 17, 2025

Impact

The REXML gems from 3.3.3 to 3.4.1 have a DoS vulnerability when parsing XML containing multiple XML declarations. If you need to parse untrusted XML, you may be affected by this vulnerability.

Patches

REXML gem 3.4.2 or later includes the patch that fixes this vulnerability.

Workarounds

Don't parse untrusted XML.
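The following Ruby snippet is an added example and is not code from the advisory or from the REXML project. It shows the two defensive checks a practitioner would put in front of REXML while the upgrade is pending: a version gate built from the affected range stated above (3.3.3 through 3.4.1), and a pre-parse guard that rejects any input carrying more than one XML declaration, the condition the advisory names as the trigger. The sample documents are constructed for the example; the gem version check assumes the `rexml` gem is installed and exposes `REXML::VERSION`.

```ruby
# Added example, not code from the advisory or from the REXML project.
# Assumptions: the 'rexml' gem is installed; the affected range 3.3.3..3.4.1
# and the trigger (multiple XML declarations) are taken from the advisory above.
require "rubygems"
require "rexml/document"

# Version range from the advisory: 3.3.3 <= version <= 3.4.1.
AFFECTED_RANGE = Gem::Requirement.new(">= 3.3.3", "<= 3.4.1")

# True when the given (default: loaded) REXML version is inside the affected range.
def rexml_affected?(version = REXML::VERSION)
  AFFECTED_RANGE.satisfied_by?(Gem::Version.new(version))
end

# Counts XML declarations in the raw text. The XML grammar allows at most one,
# and it must be the first thing in the document. "<?xml" followed by
# whitespace is the declaration; processing instructions such as
# "<?xml-stylesheet ...?>" are not counted because a hyphen, not whitespace,
# follows the target.
def xml_declaration_count(xml)
  xml.scan(/<\?xml\s/i).size
end

# Guard in front of REXML for untrusted input: reject anything with more than
# one XML declaration before the parser ever sees it. Returns a
# REXML::Document on success and raises ArgumentError on rejection.
def parse_untrusted_xml(xml)
  count = xml_declaration_count(xml)
  if count > 1
    raise ArgumentError, "rejected XML with #{count} XML declarations"
  end
  REXML::Document.new(xml)
end

# Constructed sample inputs (not taken from the advisory).
WELL_FORMED = %(<?xml version="1.0"?><root><item id="1"/></root>)
DOUBLE_DECL = %(<?xml version="1.0"?><?xml version="1.0"?><root/>)

# Runs the guard over the samples and reports each outcome as :parsed or :rejected.
def guard_report(samples = { well_formed: WELL_FORMED, double_decl: DOUBLE_DECL })
  samples.transform_values do |xml|
    parse_untrusted_xml(xml)
    :parsed
  rescue ArgumentError
    :rejected
  end
end

if __FILE__ == $PROGRAM_NAME
  puts "loaded REXML #{REXML::VERSION}, affected: #{rexml_affected?}"
  guard_report.each { |name, outcome| puts "#{name}: #{outcome}" }
end
```

The guard is deliberately coarse: it scans the raw bytes, so a declaration-like string inside a comment or CDATA section also trips it. For untrusted input that is the right side to err on, since a rejected document costs nothing while a parser stall costs availability. The version gate is the signal to keep in monitoring until every deployment reports a REXML at or above 3.4.2.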

References

https://www.ruby-lang.org/en/news/2025/09/18/dos-rexml-cve-2025-58767/ : An announcement on www.ruby-lang.org

Other sources

Microsoft: REXML has a DoS condition when parsing malformed XML file

MITRE: REXML is an XML toolkit for Ruby. The REXML gems from 3.3.3 to 3.4.1 have a DoS vulnerability when parsing XML containing multiple XML declarations. If you need to parse untrusted XML, you may be affected by this vulnerability. The REXML gem 3.4.2 or later includes the patch that fixes this vulnerability.

Affected Software

10 affected components (fixes available)

Ruby REXML: >=3.3.3, <=3.4.1
rubygems/rexml: >=3.3.3, <=3.4.1 (fixed in 3.4.2)
Microsoft cbl2 ruby: 3.1.7-3
Microsoft azl3 rubygem-rexml: 3.3.9-1
Microsoft azl3 ruby: 3.3.5-5
ruby-lang Rexml Ruby: >=3.3.3, <3.4.2
IBM Aspera Faspex 5: <=5.0.0 - 5.0.13.1
Microsoft azl3 rubygem-rexml: 3.3.9-2
Microsoft azl3 rubygem-rexml: 3.3.9-1
Microsoft azl3 ruby: 3.3.5-6

Event History

Sep 17, 2025
05:45 PM - CVE Published via MITRE
05:45 PM - Data Sourced via MITRE (Description, Weakness)
06:01 PM - Data Sourced via Red Hat (Description, Severity, Affected Software)
06:15 PM - Data Sourced via NVD (Remedy, Description, Severity, Weakness, Affected Software)
06:26 PM - Advisory Published via GitHub
06:26 PM - Data Sourced via GitHub (Description, Weakness, Affected Software)

Sep 21, 2025
01:04 AM - Data Sourced via Microsoft (Description, Severity, Weakness, Affected Software)
01:04 AM - Updated via Microsoft (Affected Software)
08:04 AM - Updated via Microsoft (Affected Software)
08:04 AM - Updated via Microsoft (Description, Severity)

Oct 8, 2025
12:00 AM - Data Sourced via IBM (Description, Affected Software)

Jan 4, 58317
11:47 AM - Event via NVD


Frequently Asked Questions

1. What is the severity of CVE-2025-58767?

CVE-2025-58767 is classified as a Denial of Service (DoS) vulnerability that can impact applications parsing untrusted XML.

2. How do I fix CVE-2025-58767?

To mitigate CVE-2025-58767, upgrade Ruby REXML to version 3.4.2 or later, which includes the necessary patches.

3. Who is affected by CVE-2025-58767?

Applications using Ruby REXML versions 3.3.3 through 3.4.1 are vulnerable to CVE-2025-58767.

4. What type of vulnerability is CVE-2025-58767?

CVE-2025-58767 is a Denial of Service vulnerability that occurs when parsing XML with multiple XML declarations.

5. Can CVE-2025-58767 be exploited by untrusted sources?

Yes, CVE-2025-58767 can be exploited when parsing untrusted XML files containing multiple declarations.
