diff --git a/rubies/ruby/CVE-2025-58767.yml b/rubies/ruby/CVE-2025-58767.yml
index d1f635a31d..40cfbfa56c 100644
--- a/rubies/ruby/CVE-2025-58767.yml
+++ b/rubies/ruby/CVE-2025-58767.yml
@@ -13,6 +13,8 @@ description: |
 The REXML gem 3.4.2 or later include the patches to fix these vulnerabilities.
 patched_versions:
+ - "~> 3.2.10"
+ - "~> 3.3.10"
 - ">= 3.4.8"
 related:
 url:
@@ -20,5 +22,4 @@ related:
 - https://www.cve.org/CVERecord?id=CVE-2025-58767
 - https://www.ruby-lang.org/en/news/2025/12/17/ruby-3-4-8-released/
 - https://bugs.ruby-lang.org/issues/21632
-notes: |
- Ruby 3.3 and 3.2 have PRs to backport the fix but new versions haven't been released yet.
+ - https://github.com/ruby/ruby/pull/14796
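Review bot: The two new `patched_versions` entries in the first hunk, `~> 3.2.10` and `~> 3.3.10`, are not backed by any reference visible in this diff. The `related` list carries only the 3.4.8 release announcement, and the pull-request link added in the second hunk does not by itself show which release a backport shipped in. Tools that read `patched_versions` will presumably stop reporting those Ruby series as vulnerable once this merges, so a wrong lower bound becomes a silent false negative. I would add the 3.2.10 and 3.3.10 release announcements under `related: url:` next to the existing 3.4.8 one, after confirming that each release contains the fix. The description context line still names only REXML gem 3.4.2, presumably the bundled gem rather than a Ruby version, so a sentence making that mapping explicit would help readers.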