diff --git a/en/news/_posts/2024-08-22-dos-rexml-cve-2024-43398.md b/en/news/_posts/2024-08-22-dos-rexml-cve-2024-43398.md
new file mode 100644
index 0000000000..c2118b4d93
--- /dev/null
+++ b/en/news/_posts/2024-08-22-dos-rexml-cve-2024-43398.md
@@ -0,0 +1,31 @@
+---
+layout: news_post
+title: "CVE-2024-43398: DoS vulnerability in REXML"
+author: "kou"
+translator:
+date: 2024-08-22 03:00:00 +0000
+tags: security
+lang: en
+---
+
+There is a DoS vulnerability in REXML gem. This vulnerability has been assigned the CVE identifier [CVE-2024-43398](https://www.cve.org/CVERecord?id=CVE-2024-43398). We strongly recommend upgrading the REXML gem.
+
+## Details
+
+When parsing an XML that has many deep elements that have same local name attributes.
+
+It's only affected with the tree parser API. If you're using `REXML::Document.new` to parse an XML, you may be affected.
+
+Please update REXML gem to version 3.3.6 or later.
+
+## Affected versions
+
+* REXML gem 3.3.5 or prior
+
+## Credits
+
+Thanks to [l33thaxor](https://hackerone.com/l33thaxor) for discovering this issue.
+
+## History
+
+* Originally published at 2024-08-22 03:00:00 (UTC)