16 matches found
EUVD-2024-2251
Malicious code in bioql PyPI...
GLSA-202507-08 : REXML: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202507-08 (REXML: Multiple Vulnerabilities). Multiple vulnerabilities have been discovered in REXML. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block directly from...
REXML: Multiple Vulnerabilities
Background: REXML is an XML toolkit for Ruby. Description: Multiple vulnerabilities have been discovered in REXML. Please review the CVE identifiers referenced below for details. Impact: Please review the referenced CVE identifiers for details. Workaround: There is no known workaround at this time...
TencentOS Server 3: pcs (TSSA-2024:0724)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0724 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
TencentOS Server 3: ruby:3.3 (TSSA-2024:0775)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0775 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
TencentOS Server 4: ruby (TSSA-2024:0632)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0632 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
TencentOS Server 3: ruby:3.1 (TSSA-2025:0359)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0359 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
Alibaba Cloud Linux 3 : 0183: pcs (ALINUX3-SA-2024:0183)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0183 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-41123: REXML is an XML toolkit fo...
Moderate: Red Hat Security Advisory: ruby:3.1 security update
An update for the ruby:3.1 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
Moderate: ruby:3.1 security update
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: rexml: DoS vulnerability in REXML (CVE-2024-39908); rexml: rubygem-rexml: DoS when parsing an XML having many specific characters suc...
ALSA-2025:4063 Moderate: ruby:3.1 security update
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: rexml: DoS vulnerability in REXML (CVE-2024-39908); rexml: rubygem-rexml: DoS when parsing an XML having many specific characters suc...
Security update for rubygem-rexml (moderate)
openSUSE Security Update: Security update for rubygem-rexml. Announcement ID: openSUSE-SU-2025:0129-1. Rating: moderate. References: 1224390, 1228072, 1228794, 1228799, 1229673, 1232440. Cross-References: CVE-2024-35176, CVE-2024-39908, CVE-2024-41123, CVE-2024-41946, CVE-2024-43398, CVE-2024-49761. CVSS scores...
Medium: ruby3.2
Issue Overview: REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a denial of service vulnerability when it parses an XML that has many s in an attribute value. Those who need to parse untrusted XMLs may be impacted by this vulnerability. The REXML gem 3.2.7 or later include the...
EulerOS 2.0 SP9 : ruby (EulerOS-SA-2025-1046)
According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS vulnerability when it parses an XML that has many deep elements that have sam...
RHEL 8 : ruby:3.3 (RHSA-2024:6784)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:6784 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...
PT-2024-7269
Name of the Vulnerable Software and Affected Versions: REXML versions prior to 3.3.1; REXML versions prior to 3.2.7. Description: The issue is related to denial-of-service vulnerabilities in the REXML gem for Ruby. When parsing XML with many specific characters, such as , the gem may be impacted...