Revert "bundle update rexml due to CVE" and ignore CVE (!1706) · Merge requests · Samarbeid Organisation / samarbeid

Michael Prilop requested to merge revert-rexml-update into main May 17, 2024

This reverts commit 1c4bce6a.

This CVE only regards DoS and initial analysis does not show any vulnerability to us. As deployments are suffereing problems due to the updated strscan gem dependency we are postponing this fix.

Edited May 17, 2024 by Michael Prilop

Revert "bundle update rexml due to CVE" and ignore CVE

Merge request reports