Lucene search
K

48 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 9 : ruby:3.3 (AXSA:2024-8857:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8857:01 advisory. rexml: DoS vulnerability in REXML CVE-2024-39908 rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace...

7.5CVSS5.6AI score0.01493EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/07/11 12:0 a.m.3 views

CBL Mariner 2.0 Security Update: ruby / rubygem-rexml (CVE-2024-43398)

The version of ruby / rubygem-rexml installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-43398 advisory. - REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS vulnerability when it...

5.9CVSS7.3AI score0.01205EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/07/11 12:0 a.m.4 views

Azure Linux 3.0 Security Update: ruby (CVE-2024-43398)

The version of ruby installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-43398 advisory. - REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS vulnerability when it parses an XML tha...

5.9CVSS7.2AI score0.01205EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2025/07/10 3:7 p.m.4 views

CVE-2024-43398 affecting package ruby for versions less than 3.1.7-1

CVE-2024-43398 affecting package ruby for versions less than 3.1.7-1. An upgraded version of the package is available that resolves this issue...

5.9CVSS7.3AI score0.01205EPSS
Exploits0
CBLMariner
CBLMariner
added 2025/07/10 3:7 p.m.6 views

CVE-2024-43398 affecting package rubygem-rexml for versions less than 3.2.9-1

CVE-2024-43398 affecting package rubygem-rexml for versions less than 3.2.9-1. A patched version of the package is available...

5.9CVSS7.3AI score0.01205EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2025/06/17 8:3 a.m.10 views

Security Bulletin: IBM Cloud Pak for Data is vulnerable to Improper Restriction of Recursive Entity References due to rexml package ( CVE-2024-43398 )

Summary Potential vulnerabilities in rexml package CVE-2024-43398 has been identified that may affect IBM Cloud Pak for Data. Vulnerability Details CVEID:CVE-2024-43398 DESCRIPTION: REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS vulnerability when it parses an XML that has...

5.9CVSS9.6AI score0.01205EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.5 views

TencentOS Server 3: ruby:3.1 (TSSA-2025:0359)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0359 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

7.5CVSS7.2AI score0.01493EPSS
Exploits0References8
CBLMariner
CBLMariner
added 2025/05/30 9:13 p.m.8 views

CVE-2024-43398 affecting package rubygem-rexml for versions less than 3.3.9-1

CVE-2024-43398 affecting package rubygem-rexml for versions less than 3.3.9-1. An upgraded version of the package is available that resolves this issue...

5.9CVSS7.3AI score0.01205EPSS
Exploits0
OpenVAS
OpenVAS
added 2025/05/26 12:0 a.m.2 views

Fedora: Security Advisory (FEDORA-2024-8a931e76d2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS7AI score0.01205EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2025/05/26 12:0 a.m.8 views

Fedora: Security Advisory (FEDORA-2024-cfcd6258fa)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS7.9AI score0.01493EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.8 views

Alibaba Cloud Linux 3 : 0183: pcs (ALINUX3-SA-2024:0183)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0183 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-41123: REXML is an XML toolkit fo...

7.5CVSS7.1AI score0.01283EPSS
Exploits0References4
AlmaLinux
AlmaLinux
added 2025/04/22 12:0 a.m.7 views

Moderate: ruby:3.1 security update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: rexml: DoS vulnerability in REXML CVE-2024-39908 rexml: rubygem-rexml: DoS when parsing an XML having many specific characters suc...

7.5CVSS6.6AI score0.01493EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2024-43398

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS vulnerability when it parses an XML that has many deep elements that have same local name...

5.9CVSS7.1AI score0.01205EPSS
Exploits0References4
Hacker One
Hacker One
added 2025/02/19 11:18 p.m.320 views

Internet Bug Bounty: CVE-2024-43398: DoS vulnerability in REXML

The CVE-2024-43398 vulnerability was a denial-of-service issue in the REXML library due to poor performance when parsing specially crafted XML. This vulnerability was addressed with a patch released by the Ruby team...

5.9CVSS6.4AI score0.01205EPSS
Exploits0
OpenVAS
OpenVAS
added 2025/02/07 12:0 a.m.9 views

Ubuntu: Security Advisory (USN-7256-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS7.3AI score0.01493EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2025/01/14 12:0 a.m.14 views

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2025-1046)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.8AI score0.01493EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2025/01/06 12:0 a.m.17 views

Mageia: Security Advisory (MGASA-2025-0001)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.7CVSS7.4AI score0.02064EPSS
Exploits1References11
OSV
OSV
added 2025/01/04 9:9 p.m.13 views

MGASA-2025-0001 Updated ruby packages fix security vulnerabilities

The REXML gem before 3.2.6 has a denial of service vulnerability when it parses an XML that has many . CVE-2024-39908 The REXML gem before 3.3.2 has some DoS vulnerabilities when it parses an XML that has many specific characters such as whitespace character, and . CVE-2024-41123 The REXML gem...

8.7CVSS6.6AI score0.02064EPSS
Exploits1References10
CBLMariner
CBLMariner
added 2024/12/17 11:15 p.m.6 views

CVE-2024-43398 affecting package ruby for versions less than 3.3.5-1

CVE-2024-43398 affecting package ruby for versions less than 3.3.5-1. An upgraded version of the package is available that resolves this issue...

5.9CVSS6.5AI score0.01205EPSS
Exploits0
OpenVAS
OpenVAS
added 2024/12/12 12:0 a.m.12 views

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2024-2972)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7AI score0.01493EPSS
Exploits0References2
Rows per page
Query Builder