REXML is an XML toolkit for Ruby. The REXML gem 3.3.2 has a DoS vulnerability when it parses an XML that has many entity expansions with SAX2 or pull parser API. The REXML gem 3.3.3 or later include the patch to fix the vulnerability.

The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7091-2 advisory.

    USN-7091-1 fixed several vulnerabilities in Ruby. This update provides the corresponding update for     ruby2.7 in Ubuntu 20.04 LTS.



Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

    REXML is an XML toolkit for Ruby.The REXML gem 3.3.2 has a DoS vulnerability when it parses an XML that     has many entity expansions with SAX2 or pull parser API.The REXML gem 3.3.3 or later include the patch to     fix the vulnerability.(CVE-2024-41946)

    REXML is an XML toolkit for Ruby.The REXML gem before 3.3.2 has some DoS vulnerabilities when it parses an     XML that has many specific characters such as whitespace character, `]` and `]`.The REXML gem 3.3.3     or later include the patches to fix these vulnerabilities.(CVE-2024-41123)

    REXML is an XML toolkit for Ruby.The REXML gem before 3.3.6 has a DoS vulnerability when it parses an XML     that has many deep elements that have same local name attributes.If you need to parse untrusted XMLs with     tree parser API like REXML::Document.new, you may be impacted to this vulnerability.If you use other     parser APIs such as stream parser API and SAX2 parser API, this vulnerability is not affected.The REXML     gem 3.3.6 or later include the patch to fix the vulnerability.(CVE-2024-43398)

     REXML is an XML toolkit for Ruby.The REXML gem before 3.3.1 has some DoS vulnerabilities when it parses     an XML that has many specific characters such as ``, `0` and `%`.If you need to parse untrusted     XMLs, you many be impacted to these vulnerabilities.The REXML gem 3.3.2 or later include the patches to     fix these vulnerabilities.Users are advised to upgrade.Users unable to upgrade should avoid parsing     untrusted XML strings.(CVE-2024-39908)

     REXML is an XML toolkit for Ruby.The REXML gem before 3.2.6 has a denial of service vulnerability when it     parses an XML that has many ``s in an attribute value.Those who need to parse untrusted XMLs may be     impacted to this vulnerability.The REXML gem 3.2.7 or later include the patch to fix this vulnerability.As     a workaround, don't parse untrusted XMLs.(CVE-2024-35176)

Tenable has extracted the preceding description block directly from the EulerOS ruby security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:6785 advisory.

    Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text     files and to perform system management tasks.

    Security Fix(es):

    * rexml: DoS vulnerability in REXML (CVE-2024-39908)

    * rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace     character, >] and ]> (CVE-2024-41123)

    * rexml: DoS vulnerability in REXML (CVE-2024-41946)

    * rexml: DoS vulnerability in REXML (CVE-2024-43398)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:6784 advisory.

    Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text     files and to perform system management tasks.

    Security Fix(es):

    * rexml: DoS vulnerability in REXML (CVE-2024-39908)

    * rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace     character, >] and ]> (CVE-2024-41123)

    * rexml: DoS vulnerability in REXML (CVE-2024-41946)

    * rexml: DoS vulnerability in REXML (CVE-2024-43398)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Ubuntu 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7091-1 advisory.

    It was discovered that Ruby incorrectly handled parsing of an XML document that has specific XML     characters in an attribute value using REXML gem. An attacker could use this issue to cause Ruby to crash,     resulting in a denial of service. This issue only affected in Ubuntu 22.04 LTS and Ubuntu 24.04 LTS.
    (CVE-2024-35176, CVE-2024-39908, CVE-2024-41123)

    It was discovered that Ruby incorrectly handled parsing of an XML document that has many entity expansions     with SAX2 or pull parser API. An attacker could use this issue to cause Ruby to crash, resulting in a     denial of service. (CVE-2024-41946)

    It was discovered that Ruby incorrectly handled parsing of an XML document that has many digits in a hex     numeric character reference. An attacker could use this issue to cause Ruby to crash, resulting in a     denial of service. (CVE-2024-49761)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3874-1 advisory.

    - CVE-2024-43398: Fixed DoS when parsing a XML that has many deep elements with the same local name     attributes (bsc#1229673)
    - CVE-2024-41123: Fixed DoS when parsing an XML that contains many specific characters such as     whitespaces, >] and ]> (bsc#1228794)
    - CVE-2024-41946: Fixed DoS when parsing an XML that has many entity expansions with SAX2 or pull parser     API (bsc#1228799)
    - CVE-2024-35176: Fixed DoS when parsing an XML that has many left angled brackets in an attribute value     (bsc#1224390)
    - CVE-2024-39908: Fixed ReDos when parsing an XML that has many specific characters (bsc#1228072)

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:6784 advisory.

    * rexml: DoS vulnerability in REXML (CVE-2024-39908)

    * rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace     character, >] and ]> (CVE-2024-41123)

    * rexml: DoS vulnerability in REXML (CVE-2024-41946)

    * rexml: DoS vulnerability in REXML (CVE-2024-43398)

Tenable has extracted the preceding description block directly from the Rocky Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:6785 advisory.

    * rexml: DoS vulnerability in REXML (CVE-2024-39908)

    * rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace     character, >] and ]> (CVE-2024-41123)

    * rexml: DoS vulnerability in REXML (CVE-2024-41946)

    * rexml: DoS vulnerability in REXML (CVE-2024-43398)

Tenable has extracted the preceding description block directly from the Rocky Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of ruby / rubygem-rexml installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-41946 advisory.

  - REXML is an XML toolkit for Ruby. The REXML gem 3.3.2 has a DoS vulnerability when it parses an XML that     has many entity expansions with SAX2 or pull parser API. The REXML gem 3.3.3 or later include the patch to     fix the vulnerability. (CVE-2024-41946)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:6784 advisory.

    * rexml: DoS vulnerability in REXML (CVE-2024-39908)
    * rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace     character, >] and ]> (CVE-2024-41123)
    * rexml: DoS vulnerability in REXML (CVE-2024-41946)
    * rexml: DoS vulnerability in REXML (CVE-2024-43398)

Tenable has extracted the preceding description block directly from the AlmaLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:6785 advisory.

    * rexml: DoS vulnerability in REXML (CVE-2024-39908)
    * rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace     character, >] and ]> (CVE-2024-41123)
    * rexml: DoS vulnerability in REXML (CVE-2024-41946)
    * rexml: DoS vulnerability in REXML (CVE-2024-43398)

Tenable has extracted the preceding description block directly from the AlmaLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-6785 advisory.

    - Fix DoS vulnerability in rexml.
      (CVE-2024-39908)       (CVE-2024-41946)       (CVE-2024-43398)       Resolves: RHEL-57573       Resolves: RHEL-57570       Resolves: RHEL-57578
    - Fix REXML DoS when parsing an XML having many specific characters such as       whitespace character, >] and ]>.
      (CVE-2024-41123)       Resolves: RHEL-57567
    - Fix buffer overread vulnerability in StringIO.
      (CVE-2024-27280)       Resolves: RHEL-37699
    - Fix RCE vulnerability with .rdoc_options in RDoc.
      (CVE-2024-27281)       Resolves: RHEL-37696
    - Fix Arbitrary memory address read vulnerability with Regex search.
      (CVE-2024-27282)       Resolves: RHEL-37698

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-6784 advisory.

    - Fix DoS vulnerability in rexml.
      (CVE-2024-39908)       (CVE-2024-41946)       (CVE-2024-43398)       Resolves: RHEL-57049       Resolves: RHEL-57054       Resolves: RHEL-57069
    - Fix REXML DoS when parsing an XML having many specific characters such as       whitespace character, >] and ]>.
      (CVE-2024-41123)       Resolves: RHEL-52783

    rubygem-abrt

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:6670 advisory.

    * rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace     character, >] and ]> (CVE-2024-41123)
    * rexml: DoS vulnerability in REXML (CVE-2024-41946)
    * rexml: DoS vulnerability in REXML (CVE-2024-43398)

Tenable has extracted the preceding description block directly from the AlmaLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-6670 advisory.

    [0.10.18-2.0.1.el8_10.2]
    - Replace HAM-logo.png with a generic one

    [0.10.18-2.el8_10.2]
    - Updated rubygem rexml       Resolves: RHEL-52409, RHEL-52788, RHEL-55997

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:6703 advisory.

    The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.

    Security Fix(es):

    * rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace     character, >] and ]> (CVE-2024-41123)

    * rexml: DoS vulnerability in REXML (CVE-2024-41946)

    * rexml: DoS vulnerability in REXML (CVE-2024-43398)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:6702 advisory.

    The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.

    Security Fix(es):

    * rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace     character, >] and ]> (CVE-2024-41123)

    * rexml: DoS vulnerability in REXML (CVE-2024-41946)

    * rexml: DoS vulnerability in REXML (CVE-2024-43398)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:6670 advisory.

    * rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace     character, >] and ]> (CVE-2024-41123)

    * rexml: DoS vulnerability in REXML (CVE-2024-41946)

    * rexml: DoS vulnerability in REXML (CVE-2024-43398)

Tenable has extracted the preceding description block directly from the Rocky Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:6670 advisory.

    The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.

    Security Fix(es):

    * rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace     character, >] and ]> (CVE-2024-41123)

    * rexml: DoS vulnerability in REXML (CVE-2024-41946)

    * rexml: DoS vulnerability in REXML (CVE-2024-43398)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
211674	Ubuntu 20.04 LTS : Ruby vulnerabilities (USN-7091-2)	Nessus	Ubuntu Local Security Checks	high
210677	EulerOS 2.0 SP10 : ruby (EulerOS-SA-2024-2895)	Nessus	Huawei Local Security Checks	high
210649	EulerOS 2.0 SP10 : ruby (EulerOS-SA-2024-2914)	Nessus	Huawei Local Security Checks	high
210569	RHEL 9 : ruby:3.3 (RHSA-2024:6785)	Nessus	Red Hat Local Security Checks	high
210480	RHEL 8 : ruby:3.3 (RHSA-2024:6784)	Nessus	Red Hat Local Security Checks	high
210332	Ubuntu 22.04 LTS / 24.04 LTS / 24.10 : Ruby vulnerabilities (USN-7091-1)	Nessus	Ubuntu Local Security Checks	high
210110	SUSE SLED15 / SLES15 Security Update : ruby2.5 (SUSE-SU-2024:3874-1)	Nessus	SuSE Local Security Checks	high
207950	Rocky Linux 8 : ruby:3.3 (RLSA-2024:6784)	Nessus	Rocky Linux Local Security Checks	high
207924	Rocky Linux 9 : ruby:3.3 (RLSA-2024:6785)	Nessus	Rocky Linux Local Security Checks	high
207763	CBL Mariner 2.0 Security Update: ruby / rubygem-rexml (CVE-2024-41946)	Nessus	MarinerOS Local Security Checks	high
207533	AlmaLinux 8 : ruby:3.3 (ALSA-2024:6784)	Nessus	Alma Linux Local Security Checks	high
207529	AlmaLinux 9 : ruby:3.3 (ALSA-2024:6785)	Nessus	Alma Linux Local Security Checks	high
207471	Oracle Linux 9 : ruby:3.3 (ELSA-2024-6785)	Nessus	Oracle Linux Local Security Checks	high
207470	Oracle Linux 8 : ruby:3.3 (ELSA-2024-6784)	Nessus	Oracle Linux Local Security Checks	high
207341	AlmaLinux 8 : pcs (ALSA-2024:6670)	Nessus	Alma Linux Local Security Checks	high
207335	Oracle Linux 8 : pcs (ELSA-2024-6670)	Nessus	Oracle Linux Local Security Checks	high
207320	RHEL 8 : pcs (RHSA-2024:6703)	Nessus	Red Hat Local Security Checks	high
207317	RHEL 8 : pcs (RHSA-2024:6702)	Nessus	Red Hat Local Security Checks	high
207307	Rocky Linux 8 : pcs (RLSA-2024:6670)	Nessus	Rocky Linux Local Security Checks	high
207295	RHEL 8 : pcs (RHSA-2024:6670)	Nessus	Red Hat Local Security Checks	high

Detections

Analytics

CVE-2024-41946

high

Tenable Plugins

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high