Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

18 matches found

Tenable Nessus
Tenable Nessusadded 2026/01/20 12:0 a.m.2 views

MiracleLinux 8 : pcs-0.10.18-2.el8_10.2.ML.1 (AXSA:2024-8811:05)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8811:05 advisory. rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace character, and CVE-2024-41123 rexml: DoS...

7.5CVSS7.8AI score0.01167EPSS
Exploits0References4
Tenable Nessus
Tenable Nessusadded 2026/01/20 12:0 a.m.5 views

MiracleLinux 8 : ruby:2.5 (AXSA:2024-8560:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8560:01 advisory. rubygem-uri: ReDoS vulnerability - upstream's incomplete fix for CVE-2023-28755 CVE-2023-36617 ruby: Buffer overread vulnerability in StringIO...

9.8CVSS8.5AI score0.0883EPSS
Exploits1References6
Tenable Nessus
Tenable Nessusadded 2026/01/20 12:0 a.m.3 views

MiracleLinux 8 : ruby:3.3 (AXSA:2024-8830:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8830:01 advisory. rexml: DoS vulnerability in REXML CVE-2024-39908 rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace...

7.5CVSS8.5AI score0.07595EPSS
Exploits0References5
Tenable Nessus
Tenable Nessusadded 2026/01/20 12:0 a.m.1 views

MiracleLinux 9 : ruby:3.3 (AXSA:2024-8857:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8857:01 advisory. rexml: DoS vulnerability in REXML CVE-2024-39908 rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace...

7.5CVSS5.6AI score0.07595EPSS
Exploits0References5
Tenable Nessus
Tenable Nessusadded 2026/01/13 12:0 a.m.3 views

MiracleLinux 9 : ruby:3.1 (AXSA:2025-9941:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9941:01 advisory. rexml: DoS vulnerability in REXML CVE-2024-39908 rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace...

7.5CVSS7.1AI score0.07595EPSS
Exploits0References8
Tenable Nessus
Tenable Nessusadded 2025/12/18 12:0 a.m.1 views

RHEL 9 : ruby:3.3 (RHSA-2025:23648)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:23648 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

8.6CVSS7.2AI score0.00268EPSS
Exploits0References9
Tenable Nessus
Tenable Nessusadded 2025/11/04 12:0 a.m.3 views

macOS 15.x < 15.7.2 Multiple Vulnerabilities (125635)

The remote host is running a version of macOS / Mac OS X that is 15.x prior to 15.7.2. It is, therefore, affected by multiple vulnerabilities: - A memory corruption issue was addressed with improved memory handling. This issue is fixed in watchOS 26.1, iOS 18.7.2 and iPadOS 18.7.2, macOS Tahoe...

9.8CVSS7AI score0.01645EPSS
Exploits4References62
Tenable Nessus
Tenable Nessusadded 2025/11/01 12:0 a.m.2 views

Fedora 41 : ruby (2025-b10099f608)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-b10099f608 advisory. Upgrade to Ruby 3.3.10. CVE-2025-58767 ruby: REXML denial of service rhbz2396203 Tenable has extracted the preceding description block directly from...

5.3CVSS7AI score0.00084EPSS
Exploits0References2
RubySec
RubySecadded 2025/09/18 12:0 a.m.5 views

DoS vulnerability in REXML

REXML has a DoS condition when parsing malformed XML file REXML is an XML toolkit for Ruby. The REXML gems from 3.3.3 to 3.4.1 has a DoS vulnerability when parsing XML containing multiple XML declarations. If you need to parse untrusted XMLs, you may be impacted to these vulnerabilities. The REXM...

5.3CVSS7.1AI score0.00084EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessusadded 2025/07/30 12:0 a.m.3 views

RockyLinux 9 : ruby:3.1 (RLSA-2025:4488)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:4488 advisory. rexml: DoS vulnerability in REXML CVE-2024-39908 rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace...

7.5CVSS7.1AI score0.07595EPSS
Exploits0References15
OSV
OSVadded 2025/07/29 1:40 p.m.4 views

RLSA-2025:4488 Moderate: ruby:3.1 security update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: rexml: DoS vulnerability in REXML CVE-2024-39908 rexml: rubygem-rexml: DoS when parsing an XML having many specific characters suc...

5.9CVSS8.3AI score0.07595EPSS
Exploits0References8
Tenable Nessus
Tenable Nessusadded 2025/05/08 12:0 a.m.12 views

AlmaLinux 9 : ruby:3.1 (ALSA-2025:4488)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:4488 advisory. rexml: DoS vulnerability in REXML CVE-2024-39908 rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace characte...

7.5CVSS7.1AI score0.07595EPSS
Exploits0References9
Tenable Nessus
Tenable Nessusadded 2025/04/22 12:0 a.m.18 views

Oracle Linux 8 : ruby:3.1 (ELSA-2025-4063)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-4063 advisory. - Fix DoS vulnerability in REXML. CVE-2024-39908 Resolves: RHEL-57051 - Fix DoS vulnerability in REXML. CVE-2024-43398 Resolves: RHEL-56002 - Fix REXML...

10CVSS7.7AI score0.87662EPSS
Exploits45References8
Tenable Nessus
Tenable Nessusadded 2025/03/05 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2024-39908

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - REXML is an XML toolkit for Ruby. The REXML gem before 3.3.1 has some DoS vulnerabilities when it parses an XML that has many specific characters such as . If y...

4.3CVSS6.6AI score0.07595EPSS
Exploits0References4
Tenable Nessus
Tenable Nessusadded 2024/11/08 12:0 a.m.15 views

EulerOS 2.0 SP10 : ruby (EulerOS-SA-2024-2895)

According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : REXML is an XML toolkit for Ruby.The REXML gem 3.3.2 has a DoS vulnerability when it parses an XML that has many entity expansions with SAX2 or pull...

7.5CVSS7.1AI score0.08428EPSS
Exploits1References6
RedHat Linux
RedHat Linuxadded 2024/09/18 9:15 p.m.5 views

rexml: DoS vulnerability in REXML

A vulnerability was found in REXML RubyGems. This package is vulnerable to denial of service DoS when parsing a deep XML structure with the same local name attribute. This vulnerability only affects tree parser API like REXML::Document.new, other parser APIs such as stream parser API and SAX2...

5.9CVSS5.7AI score0.01167EPSS
Exploits0References6
Oracle linux
Oracle linuxadded 2024/07/15 12:0 a.m.51 views

ruby security update

ruby 2.5.9-112 - Fix ReDoS vulnerability - upstream's incomplete fix for CVE-2023-28755. CVE-2023-36617 Resolves: RHEL-5614 - Fix Buffer overread vulnerability in StringIO. CVE-2024-27280 Resolves: RHEL-34125 - Fix RCE vulnerability with .rdocoptions in RDoc. CVE-2024-27281 Resolves: RHEL-34117 -...

9.8CVSS7.3AI score0.0883EPSS
Exploits1
OSV
OSVadded 2024/05/16 4:15 p.m.2 views

AZL-42070 CVE-2024-35176 affecting package ruby for versions less than 3.1.4-6

REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a denial of service vulnerability when it parses an XML that has many s in an attribute value. Those who need to parse untrusted XMLs may be impacted to this vulnerability. The REXML gem 3.2.7 or later include the patch to fix this...

5.3CVSS6.4AI score0.08428EPSS
Exploits1References1
Rows per page
Query Builder