ALSA-2024:5338 Low: pcs security update

🗓️ 13 Aug 2024 00:00:00Reported by GoogleType

osv🔗 osv.dev👁 15 Views

pcs security update for Pacemaker and Corosync utilities provides REXML security fix for XML parsing DoS (CVE-2024-35176

Reporter	Title	Published	Views	Family All 156
IBM Security Bulletins	Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Ruby REXML denial of service vulnerability [ CVE-2024-35176]	28 Jan 202522:08	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Software Support mobile app is vulnerable to multiple vulnerabilities due to 3rd party software	27 Feb 202519:51	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in rexml-3.2.6	29 Aug 202418:55	–	ibm
IBM Security Bulletins	Security Bulletin: A vulnerability in XML toolkit for Ruby affects IBM License Metric Tool (CVE-2024-35176).	1 Aug 202410:31	–	ibm
GithubExploit	Exploit for CVE-2024-35176	19 Dec 202419:01	–	githubexploit
Tenable Nessus	Amazon Linux 2023 : ruby3.2, ruby3.2-bundled-gems, ruby3.2-default-gems (ALAS2023-2025-921)	1 Apr 202500:00	–	nessus
Tenable Nessus	Azure Linux 3.0 Security Update: ruby / rubygem-rexml (CVE-2024-35176)	10 Feb 202500:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP11 : ruby (EulerOS-SA-2024-2568)	9 Oct 202400:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP11 : ruby (EulerOS-SA-2024-2594)	9 Oct 202400:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP9 : ruby (EulerOS-SA-2024-2821)	8 Nov 202400:00	–	nessus

Source	Link
access	www.access.redhat.com/errata/RHSA-2024:5338
access	www.access.redhat.com/security/cve/CVE-2024-35176
bugzilla	www.bugzilla.redhat.com/2280894
errata	www.errata.almalinux.org/8/ALSA-2024-5338.html

04 Feb 2026 04:22Current

6.3Medium risk

Vulners AI Score6.3

CVSS 3.15.3

EPSS0.08428

SSVC