{"id":"USN-7840-1","summary":"ruby2.3, ruby2.5, ruby2.7 vulnerabilities","details":"It was discovered that the REXML module bunded into Ruby incorrectly\nhandled parsing XML documents with repeated instances of certain\ncharacters. An attacker could possibly use this issue to cause REXML to\nconsume excessive resources, leading to a denial of service. Ubuntu 18.04\nLTS and Ubuntu 20.04 LTS were previously addressed in USN-7256-1 and\nUSN-7734-1. This update addresses the issue in Ubuntu 16.04 LTS.\n(CVE-2024-35176)\n\nIt was discovered that the REXML module bunded into Ruby incorrectly\nhandled parsing XML documents with repeated instances of certain\ncharacters. An attacker could possibly use this issue to cause REXML to\nconsume excessive resources, leading to a denial of service. Ubuntu 20.04\nLTS was previously addressed in USN-7256-1. This update addresses the issue\nin Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2024-39908, CVE-2024-41123)\n\nIt was discovered that the REXML module bunded into Ruby incorrectly\nhandled parsing XML documents with many entity expansions. An attacker\ncould possibly use this issue to cause REXML to consume excessive\nresources, leading to a denial of service. Ubuntu 20.04 LTS was previously\naddressed in USN-7091-2. This update addresses the issue in Ubuntu 16.04\nLTS and Ubuntu 18.04 LTS. (CVE-2024-41946)\n\nIt was discovered that the WEBrick module bundled into Ruby incorrectly\nhandled having both a Content-Length header and a Transfer-Encoding header.\nA remote attacker could possibly use this issue to perform a HTTP request\nsmuggling attack. (CVE-2024-47220)\n\nIt was discovered that the WEBrick module bundled into Ruby incorrectly\nparsed HTTP headers. In configurations where the WEBrick module is placed\nbehind an HTTP proxy, a remote attacker could possibly use this issue to\nperform an HTTP Request Smuggling attack. (CVE-2025-6442)","modified":"2026-05-20T16:06:16.611726565Z","published":"2025-10-27T14:39:58Z","related":["UBUNTU-CVE-2024-35176","UBUNTU-CVE-2024-39908","UBUNTU-CVE-2024-41123","UBUNTU-CVE-2024-41946","UBUNTU-CVE-2024-47220","UBUNTU-CVE-2025-6442"],"upstream":["CVE-2024-35176","CVE-2024-39908","CVE-2024-41123","CVE-2024-41946","CVE-2024-47220","CVE-2025-6442","UBUNTU-CVE-2024-35176","UBUNTU-CVE-2024-39908","UBUNTU-CVE-2024-41123","UBUNTU-CVE-2024-41946","UBUNTU-CVE-2024-47220","UBUNTU-CVE-2025-6442"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-7840-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-35176"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-39908"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-41123"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-41946"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-47220"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-6442"}],"affected":[{"package":{"name":"ruby2.3","ecosystem":"Ubuntu:Pro:16.04:LTS","purl":"pkg:deb/ubuntu/ruby2.3?arch=source&distro=esm-apps%2Fxenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.3.1-2~ubuntu16.04.16+esm11"}]}],"versions":["2.3.0-1","2.3.0-2","2.3.0-4ubuntu2","2.3.0-4ubuntu3","2.3.0-5ubuntu1","2.3.1-2~16.04","2.3.1-2~16.04.2","2.3.1-2~16.04.4","2.3.1-2~16.04.5","2.3.1-2~16.04.6","2.3.1-2~16.04.7","2.3.1-2~16.04.9","2.3.1-2~16.04.10","2.3.1-2~16.04.11","2.3.1-2~16.04.12","2.3.1-2~ubuntu16.04.13","2.3.1-2~ubuntu16.04.14","2.3.1-2~ubuntu16.04.15","2.3.1-2~ubuntu16.04.16","2.3.1-2~ubuntu16.04.16+esm1","2.3.1-2~ubuntu16.04.16+esm2","2.3.1-2~ubuntu16.04.16+esm3","2.3.1-2~ubuntu16.04.16+esm4","2.3.1-2~ubuntu16.04.16+esm5","2.3.1-2~ubuntu16.04.16+esm6","2.3.1-2~ubuntu16.04.16+esm7","2.3.1-2~ubuntu16.04.16+esm8","2.3.1-2~ubuntu16.04.16+esm9","2.3.1-2~ubuntu16.04.16+esm10"],"ecosystem_specific":{"availability":"Available with Ubuntu Pro: https://ubuntu.com/pro","binaries":[{"binary_name":"libruby2.3","binary_version":"2.3.1-2~ubuntu16.04.16+esm11"},{"binary_name":"ruby2.3","binary_version":"2.3.1-2~ubuntu16.04.16+esm11"},{"binary_name":"ruby2.3-tcltk","binary_version":"2.3.1-2~ubuntu16.04.16+esm11"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7840-1.json","cves_map":{"cves":[],"ecosystem":"Ubuntu:Pro:16.04:LTS"}}},{"package":{"name":"ruby2.5","ecosystem":"Ubuntu:Pro:18.04:LTS","purl":"pkg:deb/ubuntu/ruby2.5?arch=source&distro=esm-infra%2Fbionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.5.1-1ubuntu1.16+esm6"}]}],"versions":["2.5.0~preview1-1ubuntu2","2.5.0-4ubuntu1","2.5.0-4ubuntu4","2.5.0-5ubuntu1","2.5.0-6ubuntu1","2.5.1-1ubuntu1","2.5.1-1ubuntu1.1","2.5.1-1ubuntu1.2","2.5.1-1ubuntu1.4","2.5.1-1ubuntu1.5","2.5.1-1ubuntu1.6","2.5.1-1ubuntu1.7","2.5.1-1ubuntu1.8","2.5.1-1ubuntu1.9","2.5.1-1ubuntu1.10","2.5.1-1ubuntu1.11","2.5.1-1ubuntu1.12","2.5.1-1ubuntu1.13","2.5.1-1ubuntu1.14","2.5.1-1ubuntu1.15","2.5.1-1ubuntu1.16","2.5.1-1ubuntu1.16+esm1","2.5.1-1ubuntu1.16+esm3","2.5.1-1ubuntu1.16+esm4","2.5.1-1ubuntu1.16+esm5"],"ecosystem_specific":{"binaries":[{"binary_name":"libruby2.5","binary_version":"2.5.1-1ubuntu1.16+esm6"},{"binary_name":"ruby2.5","binary_version":"2.5.1-1ubuntu1.16+esm6"}],"availability":"Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7840-1.json","cves_map":{"ecosystem":"Ubuntu:Pro:18.04:LTS","cves":[{"severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-39908"},{"severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-41123"},{"severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-41946"},{"severity":[{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-47220"},{"severity":[{"score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2025-6442"}]}}},{"package":{"name":"ruby2.7","ecosystem":"Ubuntu:Pro:20.04:LTS","purl":"pkg:deb/ubuntu/ruby2.7?arch=source&distro=esm-infra%2Ffocal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.7.0-5ubuntu1.18+esm3"}]}],"versions":["2.7.0-1","2.7.0-2","2.7.0-3","2.7.0-4","2.7.0-4ubuntu1","2.7.0-5ubuntu1","2.7.0-5ubuntu1.1","2.7.0-5ubuntu1.2","2.7.0-5ubuntu1.3","2.7.0-5ubuntu1.4","2.7.0-5ubuntu1.5","2.7.0-5ubuntu1.6","2.7.0-5ubuntu1.7","2.7.0-5ubuntu1.8","2.7.0-5ubuntu1.9","2.7.0-5ubuntu1.10","2.7.0-5ubuntu1.11","2.7.0-5ubuntu1.12","2.7.0-5ubuntu1.13","2.7.0-5ubuntu1.14","2.7.0-5ubuntu1.15","2.7.0-5ubuntu1.16","2.7.0-5ubuntu1.17","2.7.0-5ubuntu1.18","2.7.0-5ubuntu1.18+esm1"],"ecosystem_specific":{"binaries":[{"binary_name":"libruby2.7","binary_version":"2.7.0-5ubuntu1.18+esm3"},{"binary_name":"ruby2.7","binary_version":"2.7.0-5ubuntu1.18+esm3"}],"availability":"Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7840-1.json","cves_map":{"cves":[{"severity":[{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-47220"},{"severity":[{"score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2025-6442"}],"ecosystem":"Ubuntu:Pro:20.04:LTS"}}}],"schema_version":"1.7.5"}