Lucene search
K

52 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 9 : ruby:3.3 (AXSA:2024-8857:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8857:01 advisory. rexml: DoS vulnerability in REXML CVE-2024-39908 rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace...

7.5CVSS5.6AI score0.01493EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/10/28 12:0 a.m.6 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : Ruby vulnerabilities (USN-7840-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7840-1 advisory. It was discovered that the REXML module bunded into Ruby incorrectly handled parsing XML documents with repeated instances of...

7.5CVSS6.8AI score0.02064EPSS
Exploits1References7
CBLMariner
CBLMariner
added 2025/07/10 3:7 p.m.7 views

CVE-2024-39908 affecting package ruby for versions less than 3.1.7-1

CVE-2024-39908 affecting package ruby for versions less than 3.1.7-1. An upgraded version of the package is available that resolves this issue...

4.3CVSS7.3AI score0.01493EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.5 views

TencentOS Server 3: ruby:3.1 (TSSA-2025:0359)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0359 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

7.5CVSS7.2AI score0.01493EPSS
Exploits0References8
OpenVAS
OpenVAS
added 2025/05/26 12:0 a.m.8 views

Fedora: Security Advisory (FEDORA-2024-cfcd6258fa)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS7.9AI score0.01493EPSS
Exploits0References7
AlmaLinux
AlmaLinux
added 2025/04/22 12:0 a.m.7 views

Moderate: ruby:3.1 security update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: rexml: DoS vulnerability in REXML CVE-2024-39908 rexml: rubygem-rexml: DoS when parsing an XML having many specific characters suc...

7.5CVSS6.6AI score0.01493EPSS
Exploits0References16
OPENSUSE Linux
OPENSUSE Linux
added 2025/04/17 12:0 a.m.17 views

Security update for rubygem-rexml (moderate)

openSUSE Security Update: Security update for rubygem-rexml Announcement ID: openSUSE-SU-2025:0129-1 Rating: moderate References: 1224390 1228072 1228794 1228799 1229673 1232440 Cross-References: CVE-2024-35176 CVE-2024-39908 CVE-2024-41123 CVE-2024-41946 CVE-2024-43398 CVE-2024-49761 CVSS scores...

8.7CVSS7.5AI score0.02064EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2024-39908

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - REXML is an XML toolkit for Ruby. The REXML gem before 3.3.1 has some DoS vulnerabilities when it parses an XML that has many specific characters such as . If y...

4.3CVSS6.6AI score0.01493EPSS
Exploits0References4
CBLMariner
CBLMariner
added 2025/03/03 10:12 p.m.8 views

CVE-2024-39908 affecting package rubygem-rexml for versions less than 3.2.7-4

CVE-2024-39908 affecting package rubygem-rexml for versions less than 3.2.7-4. A patched version of the package is available...

4.3CVSS4.9AI score0.01493EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/03/03 12:0 a.m.8 views

CBL Mariner 2.0 Security Update: ruby / rubygem-rexml (CVE-2024-39908)

The version of ruby / rubygem-rexml installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-39908 advisory. - REXML is an XML toolkit for Ruby. The REXML gem before 3.3.1 has some DoS vulnerabilities when...

4.3CVSS7AI score0.01493EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/03 12:0 a.m.13 views

Azure Linux 3.0 Security Update: ruby / rubygem-rexml (CVE-2024-39908)

The version of ruby / rubygem-rexml installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-39908 advisory. - REXML is an XML toolkit for Ruby. The REXML gem before 3.3.1 has some DoS vulnerabilities when...

4.3CVSS7AI score0.01493EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2025/02/07 12:0 a.m.9 views

Ubuntu: Security Advisory (USN-7256-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS7.3AI score0.01493EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.16 views

Security Bulletin: Vulnerability in Ruby REXML (CVE-2024-39908) may affect IBM watsonx Assistant for IBM Cloud Pak for Data

Summary A potential denial of service vulnerability CVE-2024-399088 has been identified related to Ruby REXML that may affect IBM watsonx Assistant for IBM Cloud Pak for Data. This vulnerability have been addressed. Refer to details for additional information. Vulnerability Details...

4.3CVSS6.6AI score0.01493EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 9:51 p.m.16 views

Security Bulletin: Vulnerability in Ruby REXML (CVE-2024-39908) affects IBM Watson CP4D Data Stores

Summary A potential denial of service vulnerability CVE-2024-399088 has been identified related to Ruby REXML that may affect IBM Watson CP4D Data Stores. This vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2023-45288 DESCRIPTION: A...

7.5CVSS7.1AI score0.91969EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 9:51 p.m.15 views

Security Bulletin: Vulnerability in Ruby REXML (CVE-2024-39908) affects IBM Watson CP4D Data Stores

Summary A potential denial of service vulnerability CVE-2024-399088 has been identified related to Ruby REXML that may affect IBM Watson CP4D Data Stores. This vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2023-45288 DESCRIPTION: A...

7.5CVSS7.1AI score0.91969EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/16 6:23 p.m.22 views

Security Bulletin: Vulnerability in Golang Go  (CVE-2024-24784) affects IBM Watson CP4D Data Stores

Summary A potential denial of service vulnerability CVE-2024-24784 has been identified related to Golang Go that may affect IBM Watson CP4D Data Stores. This vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-24784 DESCRIPTION:...

7.5CVSS6.8AI score0.01042EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2025/01/14 12:0 a.m.14 views

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2025-1046)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.8AI score0.01493EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2025/01/06 12:0 a.m.17 views

Mageia: Security Advisory (MGASA-2025-0001)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.7CVSS7.4AI score0.02064EPSS
Exploits1References11
OSV
OSV
added 2025/01/04 9:9 p.m.13 views

MGASA-2025-0001 Updated ruby packages fix security vulnerabilities

The REXML gem before 3.2.6 has a denial of service vulnerability when it parses an XML that has many . CVE-2024-39908 The REXML gem before 3.3.2 has some DoS vulnerabilities when it parses an XML that has many specific characters such as whitespace character, and . CVE-2024-41123 The REXML gem...

8.7CVSS6.6AI score0.02064EPSS
Exploits1References10
CBLMariner
CBLMariner
added 2024/12/17 11:15 p.m.18 views

CVE-2024-39908 affecting package ruby for versions less than 3.3.5-1

CVE-2024-39908 affecting package ruby for versions less than 3.3.5-1. An upgraded version of the package is available that resolves this issue...

4.3CVSS6.9AI score0.01493EPSS
Exploits0
Rows per page
Query Builder