52 matches found
MiracleLinux 9 : ruby:3.3 (AXSA:2024-8857:01)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8857:01 advisory. rexml: DoS vulnerability in REXML CVE-2024-39908 rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : Ruby vulnerabilities (USN-7840-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7840-1 advisory. It was discovered that the REXML module bunded into Ruby incorrectly handled parsing XML documents with repeated instances of...
CVE-2024-39908 affecting package ruby for versions less than 3.1.7-1
CVE-2024-39908 affecting package ruby for versions less than 3.1.7-1. An upgraded version of the package is available that resolves this issue...
TencentOS Server 3: ruby:3.1 (TSSA-2025:0359)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0359 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
Fedora: Security Advisory (FEDORA-2024-cfcd6258fa)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Moderate: ruby:3.1 security update
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: rexml: DoS vulnerability in REXML CVE-2024-39908 rexml: rubygem-rexml: DoS when parsing an XML having many specific characters suc...
Security update for rubygem-rexml (moderate)
openSUSE Security Update: Security update for rubygem-rexml Announcement ID: openSUSE-SU-2025:0129-1 Rating: moderate References: 1224390 1228072 1228794 1228799 1229673 1232440 Cross-References: CVE-2024-35176 CVE-2024-39908 CVE-2024-41123 CVE-2024-41946 CVE-2024-43398 CVE-2024-49761 CVSS scores...
Linux Distros Unpatched Vulnerability : CVE-2024-39908
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - REXML is an XML toolkit for Ruby. The REXML gem before 3.3.1 has some DoS vulnerabilities when it parses an XML that has many specific characters such as . If y...
CVE-2024-39908 affecting package rubygem-rexml for versions less than 3.2.7-4
CVE-2024-39908 affecting package rubygem-rexml for versions less than 3.2.7-4. A patched version of the package is available...
CBL Mariner 2.0 Security Update: ruby / rubygem-rexml (CVE-2024-39908)
The version of ruby / rubygem-rexml installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-39908 advisory. - REXML is an XML toolkit for Ruby. The REXML gem before 3.3.1 has some DoS vulnerabilities when...
Azure Linux 3.0 Security Update: ruby / rubygem-rexml (CVE-2024-39908)
The version of ruby / rubygem-rexml installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-39908 advisory. - REXML is an XML toolkit for Ruby. The REXML gem before 3.3.1 has some DoS vulnerabilities when...
Ubuntu: Security Advisory (USN-7256-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Vulnerability in Ruby REXML (CVE-2024-39908) may affect IBM watsonx Assistant for IBM Cloud Pak for Data
Summary A potential denial of service vulnerability CVE-2024-399088 has been identified related to Ruby REXML that may affect IBM watsonx Assistant for IBM Cloud Pak for Data. This vulnerability have been addressed. Refer to details for additional information. Vulnerability Details...
Security Bulletin: Vulnerability in Ruby REXML (CVE-2024-39908) affects IBM Watson CP4D Data Stores
Summary A potential denial of service vulnerability CVE-2024-399088 has been identified related to Ruby REXML that may affect IBM Watson CP4D Data Stores. This vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2023-45288 DESCRIPTION: A...
Security Bulletin: Vulnerability in Ruby REXML (CVE-2024-39908) affects IBM Watson CP4D Data Stores
Summary A potential denial of service vulnerability CVE-2024-399088 has been identified related to Ruby REXML that may affect IBM Watson CP4D Data Stores. This vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2023-45288 DESCRIPTION: A...
Security Bulletin: Vulnerability in Golang Go (CVE-2024-24784) affects IBM Watson CP4D Data Stores
Summary A potential denial of service vulnerability CVE-2024-24784 has been identified related to Golang Go that may affect IBM Watson CP4D Data Stores. This vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-24784 DESCRIPTION:...
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2025-1046)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2025-0001)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2025-0001 Updated ruby packages fix security vulnerabilities
The REXML gem before 3.2.6 has a denial of service vulnerability when it parses an XML that has many . CVE-2024-39908 The REXML gem before 3.3.2 has some DoS vulnerabilities when it parses an XML that has many specific characters such as whitespace character, and . CVE-2024-41123 The REXML gem...
CVE-2024-39908 affecting package ruby for versions less than 3.3.5-1
CVE-2024-39908 affecting package ruby for versions less than 3.3.5-1. An upgraded version of the package is available that resolves this issue...