usn-7840-1
Vulnerability from osv_ubuntu
Published
2025-10-27 14:39
Modified
2026-06-25 10:46
Summary
ruby2.3, ruby2.5, ruby2.7 vulnerabilities
Details

It was discovered that the REXML module bunded into Ruby incorrectly handled parsing XML documents with repeated instances of certain characters. An attacker could possibly use this issue to cause REXML to consume excessive resources, leading to a denial of service. Ubuntu 18.04 LTS and Ubuntu 20.04 LTS were previously addressed in USN-7256-1 and USN-7734-1. This update addresses the issue in Ubuntu 16.04 LTS. (CVE-2024-35176)

It was discovered that the REXML module bunded into Ruby incorrectly handled parsing XML documents with repeated instances of certain characters. An attacker could possibly use this issue to cause REXML to consume excessive resources, leading to a denial of service. Ubuntu 20.04 LTS was previously addressed in USN-7256-1. This update addresses the issue in Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2024-39908, CVE-2024-41123)

It was discovered that the REXML module bunded into Ruby incorrectly handled parsing XML documents with many entity expansions. An attacker could possibly use this issue to cause REXML to consume excessive resources, leading to a denial of service. Ubuntu 20.04 LTS was previously addressed in USN-7091-2. This update addresses the issue in Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2024-41946)

It was discovered that the WEBrick module bundled into Ruby incorrectly handled having both a Content-Length header and a Transfer-Encoding header. A remote attacker could possibly use this issue to perform a HTTP request smuggling attack. (CVE-2024-47220)

It was discovered that the WEBrick module bundled into Ruby incorrectly parsed HTTP headers. In configurations where the WEBrick module is placed behind an HTTP proxy, a remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack. (CVE-2025-6442)


{
  "affected": [
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2024-35176",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2024-39908",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2024-41123",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2024-41946",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2024-47220",
              "severity": [
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2025-6442",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:Pro:16.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
        "binaries": [
          {
            "binary_name": "libruby2.3",
            "binary_version": "2.3.1-2~ubuntu16.04.16+esm11"
          },
          {
            "binary_name": "ruby2.3",
            "binary_version": "2.3.1-2~ubuntu16.04.16+esm11"
          },
          {
            "binary_name": "ruby2.3-tcltk",
            "binary_version": "2.3.1-2~ubuntu16.04.16+esm11"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:Pro:16.04:LTS",
        "name": "ruby2.3",
        "purl": "pkg:deb/ubuntu/ruby2.3@2.3.1-2~ubuntu16.04.16+esm11?arch=source\u0026distro=esm-infra/xenial"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.3.1-2~ubuntu16.04.16+esm11"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "2.3.0-1",
        "2.3.0-2",
        "2.3.0-4ubuntu2",
        "2.3.0-4ubuntu3",
        "2.3.0-5ubuntu1",
        "2.3.1-2~16.04",
        "2.3.1-2~16.04.2",
        "2.3.1-2~16.04.4",
        "2.3.1-2~16.04.5",
        "2.3.1-2~16.04.6",
        "2.3.1-2~16.04.7",
        "2.3.1-2~16.04.9",
        "2.3.1-2~16.04.10",
        "2.3.1-2~16.04.11",
        "2.3.1-2~16.04.12",
        "2.3.1-2~ubuntu16.04.13",
        "2.3.1-2~ubuntu16.04.14",
        "2.3.1-2~ubuntu16.04.15",
        "2.3.1-2~ubuntu16.04.16",
        "2.3.1-2~ubuntu16.04.16+esm1",
        "2.3.1-2~ubuntu16.04.16+esm2",
        "2.3.1-2~ubuntu16.04.16+esm3",
        "2.3.1-2~ubuntu16.04.16+esm4",
        "2.3.1-2~ubuntu16.04.16+esm5",
        "2.3.1-2~ubuntu16.04.16+esm6",
        "2.3.1-2~ubuntu16.04.16+esm7",
        "2.3.1-2~ubuntu16.04.16+esm8",
        "2.3.1-2~ubuntu16.04.16+esm9",
        "2.3.1-2~ubuntu16.04.16+esm10"
      ]
    },
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2024-39908",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2024-41123",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2024-41946",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2024-47220",
              "severity": [
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2025-6442",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:Pro:18.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
        "binaries": [
          {
            "binary_name": "libruby2.5",
            "binary_version": "2.5.1-1ubuntu1.16+esm6"
          },
          {
            "binary_name": "ruby2.5",
            "binary_version": "2.5.1-1ubuntu1.16+esm6"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:Pro:18.04:LTS",
        "name": "ruby2.5",
        "purl": "pkg:deb/ubuntu/ruby2.5@2.5.1-1ubuntu1.16+esm6?arch=source\u0026distro=esm-infra/bionic"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.5.1-1ubuntu1.16+esm6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "2.5.0~preview1-1ubuntu2",
        "2.5.0-4ubuntu1",
        "2.5.0-4ubuntu4",
        "2.5.0-5ubuntu1",
        "2.5.0-6ubuntu1",
        "2.5.1-1ubuntu1",
        "2.5.1-1ubuntu1.1",
        "2.5.1-1ubuntu1.2",
        "2.5.1-1ubuntu1.4",
        "2.5.1-1ubuntu1.5",
        "2.5.1-1ubuntu1.6",
        "2.5.1-1ubuntu1.7",
        "2.5.1-1ubuntu1.8",
        "2.5.1-1ubuntu1.9",
        "2.5.1-1ubuntu1.10",
        "2.5.1-1ubuntu1.11",
        "2.5.1-1ubuntu1.12",
        "2.5.1-1ubuntu1.13",
        "2.5.1-1ubuntu1.14",
        "2.5.1-1ubuntu1.15",
        "2.5.1-1ubuntu1.16",
        "2.5.1-1ubuntu1.16+esm1",
        "2.5.1-1ubuntu1.16+esm3",
        "2.5.1-1ubuntu1.16+esm4",
        "2.5.1-1ubuntu1.16+esm5"
      ]
    },
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2024-47220",
              "severity": [
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2025-6442",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:Pro:20.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
        "binaries": [
          {
            "binary_name": "libruby2.7",
            "binary_version": "2.7.0-5ubuntu1.18+esm3"
          },
          {
            "binary_name": "ruby2.7",
            "binary_version": "2.7.0-5ubuntu1.18+esm3"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:Pro:20.04:LTS",
        "name": "ruby2.7",
        "purl": "pkg:deb/ubuntu/ruby2.7@2.7.0-5ubuntu1.18+esm3?arch=source\u0026distro=esm-infra/focal"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.7.0-5ubuntu1.18+esm3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "2.7.0-1",
        "2.7.0-2",
        "2.7.0-3",
        "2.7.0-4",
        "2.7.0-4ubuntu1",
        "2.7.0-5ubuntu1",
        "2.7.0-5ubuntu1.1",
        "2.7.0-5ubuntu1.2",
        "2.7.0-5ubuntu1.3",
        "2.7.0-5ubuntu1.4",
        "2.7.0-5ubuntu1.5",
        "2.7.0-5ubuntu1.6",
        "2.7.0-5ubuntu1.7",
        "2.7.0-5ubuntu1.8",
        "2.7.0-5ubuntu1.9",
        "2.7.0-5ubuntu1.10",
        "2.7.0-5ubuntu1.11",
        "2.7.0-5ubuntu1.12",
        "2.7.0-5ubuntu1.13",
        "2.7.0-5ubuntu1.14",
        "2.7.0-5ubuntu1.15",
        "2.7.0-5ubuntu1.16",
        "2.7.0-5ubuntu1.17",
        "2.7.0-5ubuntu1.18",
        "2.7.0-5ubuntu1.18+esm1"
      ]
    }
  ],
  "aliases": [],
  "details": "It was discovered that the REXML module bunded into Ruby incorrectly\nhandled parsing XML documents with repeated instances of certain\ncharacters. An attacker could possibly use this issue to cause REXML to\nconsume excessive resources, leading to a denial of service. Ubuntu 18.04\nLTS and Ubuntu 20.04 LTS were previously addressed in USN-7256-1 and\nUSN-7734-1. This update addresses the issue in Ubuntu 16.04 LTS.\n(CVE-2024-35176)\n\nIt was discovered that the REXML module bunded into Ruby incorrectly\nhandled parsing XML documents with repeated instances of certain\ncharacters. An attacker could possibly use this issue to cause REXML to\nconsume excessive resources, leading to a denial of service. Ubuntu 20.04\nLTS was previously addressed in USN-7256-1. This update addresses the issue\nin Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2024-39908, CVE-2024-41123)\n\nIt was discovered that the REXML module bunded into Ruby incorrectly\nhandled parsing XML documents with many entity expansions. An attacker\ncould possibly use this issue to cause REXML to consume excessive\nresources, leading to a denial of service. Ubuntu 20.04 LTS was previously\naddressed in USN-7091-2. This update addresses the issue in Ubuntu 16.04\nLTS and Ubuntu 18.04 LTS. (CVE-2024-41946)\n\nIt was discovered that the WEBrick module bundled into Ruby incorrectly\nhandled having both a Content-Length header and a Transfer-Encoding header.\nA remote attacker could possibly use this issue to perform a HTTP request\nsmuggling attack. (CVE-2024-47220)\n\nIt was discovered that the WEBrick module bundled into Ruby incorrectly\nparsed HTTP headers. In configurations where the WEBrick module is placed\nbehind an HTTP proxy, a remote attacker could possibly use this issue to\nperform an HTTP Request Smuggling attack. (CVE-2025-6442)",
  "id": "USN-7840-1",
  "modified": "2026-06-25T10:46:59Z",
  "published": "2025-10-27T14:39:58Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://ubuntu.com/security/notices/USN-7840-1"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2024-35176"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2024-39908"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2024-41123"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2024-41946"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2024-47220"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2025-6442"
    }
  ],
  "related": [],
  "schema_version": "1.7.0",
  "summary": "ruby2.3, ruby2.5, ruby2.7 vulnerabilities",
  "upstream": [
    "UBUNTU-CVE-2024-35176",
    "UBUNTU-CVE-2024-39908",
    "UBUNTU-CVE-2024-41123",
    "UBUNTU-CVE-2024-41946",
    "UBUNTU-CVE-2024-47220",
    "UBUNTU-CVE-2025-6442"
  ]
}



Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…