68 matches found

OSV
added 2 days ago, 3 views

ROOT-OS-UBUNTU-2204-CVE-2025-39908 CVE-2025-39908 in rootio-linux - Patched by Root

Root has patched CVE-2025-39908 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...

CVSS 5.5, AI score 5.4, EPSS 0.0002
Exploits 0
OSV
added 4 days ago, 4 views

ROOT-OS-UBUNTU-2404-CVE-2025-39908 CVE-2025-39908 in rootio-linux - Patched by Root

Root has patched CVE-2025-39908 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...

CVSS 5.5, AI score 5.4, EPSS 0.0002
Exploits 0
Circl
added 2026/03/19 12:00 a.m., 0 views

CVE-2025-39908

creationtimestamp | type | source
---|---|---
2026-03-19 00:00:00+00:00 | seen | https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/...

CVSS 5.5, AI score 5.7, EPSS 0.0002
Exploits 0, References 1
Tenable Nessus
added 2026/01/20 12:00 a.m., 1 view

MiracleLinux 9 : ruby:3.3 (AXSA:2024-8857:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8857:01 advisory. rexml: DoS vulnerability in REXML CVE-2024-39908 rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace...

CVSS 7.5, AI score 5.6, EPSS 0.08032
Exploits 0, References 5
Tenable Nessus
added 2025/10/28 12:00 a.m., 3 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : Ruby vulnerabilities (USN-7840-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7840-1 advisory. It was discovered that the REXML module bundled into Ruby incorrectly handled parsing XML documents with repeated instances of...

CVSS 7.5, AI score 6.8, EPSS 0.08428
Exploits 1, References 7
Tenable Nessus
added 2025/10/10 12:00 a.m., 2 views

Yubico YubiHSM 2 SDK YubiHSM Shell 2.4.0 Uninitialized Memory Read (YSA-2023-01)

The version of Yubico YubiHSM Shell, a component of YubiHSM 2 SDK, installed on the remote host is 2.4.0. It is, therefore, affected by an uninitialized memory read vulnerability: - The PKCS11 module of the YubiHSM 2 SDK through 2023.01 does not properly validate the length of specific read...

CVSS 7.5, AI score 7.4, EPSS 0.00224
Exploits 0, References 2
Tenable Nessus
added 2025/10/08 12:00 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2025-39908

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: devioctl: take ops lock in hwtstamp lower paths ndo hwtstamp callbacks are expected to run under the per-device ops lock. Make the lower get/set paths...

CVSS 5.5, AI score 5.8, EPSS 0.0002
Exploits 0, References 2
OSV
added 2025/10/01 8:15 a.m., 1 view

DEBIAN-CVE-2025-39908

In the Linux kernel, the following vulnerability has been resolved: net: devioctl: take ops lock in hwtstamp lower paths ndo hwtstamp callbacks are expected to run under the per-device ops lock. Make the lower get/set paths consistent with the rest of ndo invocations. Kernel log: WARNING: CPU: 13...

CVSS 5.5, AI score 5.4, EPSS 0.0002
Exploits 0, References 1
UbuntuCve
added 2025/10/01 8:15 a.m., 1 view

CVE-2025-39908

In the Linux kernel, the following vulnerability has been resolved: net: devioctl: take ops lock in hwtstamp lower paths ndo hwtstamp callbacks are expected to run under the per-device ops lock. Make the lower get/set paths consistent with the rest of ndo invocations. Kernel log: WARNING: CPU: 13...

CVSS 5.5, AI score 5.9, EPSS 0.0002
Exploits 0, References 4
Debian CVE
added 2025/10/01 7:44 a.m., 2 views

CVE-2025-39908

In the Linux kernel, the following vulnerability has been resolved: net: devioctl: take ops lock in hwtstamp lower paths ndo hwtstamp callbacks are expected to run under the per-device ops lock. Make the lower get/set paths consistent with the rest of ndo invocations. Kernel log: WARNING: CPU: 13...

CVSS 5.5, AI score 5.4, EPSS 0.0002
Exploits 0
CBLMariner
added 2025/07/10 3:07 p.m., 3 views

CVE-2024-39908 affecting package ruby for versions less than 3.1.7-1

CVE-2024-39908 affecting package ruby for versions less than 3.1.7-1. An upgraded version of the package is available that resolves this issue...

CVSS 4.3, AI score 7.3, EPSS 0.08032
Exploits 0
Tenable Nessus
added 2025/06/16 12:00 a.m., 4 views

TencentOS Server 3: ruby:3.1 (TSSA-2025:0359)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0359 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

CVSS 7.5, AI score 7.2, EPSS 0.08032
Exploits 0, References 8
OpenVAS
added 2025/05/26 12:00 a.m., 8 views

Fedora: Security Advisory (FEDORA-2024-cfcd6258fa)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5.9, AI score 7.9, EPSS 0.08032
Exploits 0, References 7
RedhatCVE
added 2025/05/22 11:25 p.m., 6 views

CVE-2022-39908

TOCTOU vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022 Release 1 allows local attacker to perform Out-Of-Bounds Write...

CVSS 7.4, AI score 6.6, EPSS 0.00012
Exploits 0, References 1
AlmaLinux
added 2025/04/22 12:00 a.m., 3 views

Moderate: ruby:3.1 security update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: rexml: DoS vulnerability in REXML CVE-2024-39908 rexml: rubygem-rexml: DoS when parsing an XML having many specific characters suc...

CVSS 7.5, AI score 6.6, EPSS 0.08032
Exploits 0, References 16
OPENSUSE Linux
added 2025/04/17 12:00 a.m., 8 views

Security update for rubygem-rexml (moderate)

openSUSE Security Update: Security update for rubygem-rexml Announcement ID: openSUSE-SU-2025:0129-1 Rating: moderate References: 1224390 1228072 1228794 1228799 1229673 1232440 Cross-References: CVE-2024-35176 CVE-2024-39908 CVE-2024-41123 CVE-2024-41946 CVE-2024-43398 CVE-2024-49761 CVSS scores...

CVSS 8.7, AI score 7.5, EPSS 0.08428
Exploits 1, References 6
Tenable Nessus
added 2025/03/05 12:00 a.m., 6 views

Linux Distros Unpatched Vulnerability : CVE-2024-39908

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - REXML is an XML toolkit for Ruby. The REXML gem before 3.3.1 has some DoS vulnerabilities when it parses an XML that has many specific characters such as . If y...

CVSS 4.3, AI score 6.6, EPSS 0.08032
Exploits 0, References 4
CBLMariner
added 2025/03/03 10:12 p.m., 6 views

CVE-2024-39908 affecting package rubygem-rexml for versions less than 3.2.7-4

CVE-2024-39908 affecting package rubygem-rexml for versions less than 3.2.7-4. A patched version of the package is available...

CVSS 4.3, AI score 4.9, EPSS 0.08032
Exploits 0
Tenable Nessus
added 2025/03/03 12:00 a.m., 6 views

CBL Mariner 2.0 Security Update: ruby / rubygem-rexml (CVE-2024-39908)

The version of ruby / rubygem-rexml installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-39908 advisory. - REXML is an XML toolkit for Ruby. The REXML gem before 3.3.1 has some DoS vulnerabilities when...

CVSS 4.3, AI score 7, EPSS 0.08032
Exploits 0, References 2
Tenable Nessus
added 2025/03/03 12:00 a.m., 11 views

Azure Linux 3.0 Security Update: ruby / rubygem-rexml (CVE-2024-39908)

The version of ruby / rubygem-rexml installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-39908 advisory. - REXML is an XML toolkit for Ruby. The REXML gem before 3.3.1 has some DoS vulnerabilities when...

CVSS 4.3, AI score 7, EPSS 0.08032
Exploits 0, References 2