rubygem-racc (AlmaLinux:9) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the AlmaLinux:9 package rubygem-racc, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (11)
CVE-2024-27280 — CVSS 9.8 (critical): A buffer-overread issue was discovered in StringIO 3.0.1, as distributed in Ruby 3.0.x through 3.0.6 and 3.1.x through 3.1.4. The ungetbyte…
CVE-2026-33210 — CVSS 9.1 (critical): Ruby JSON is a JSON implementation for Ruby. From version 2.14.0 to before versions 2.15.2.1, 2.17.1.2, and 2.19.2, a format string…
CVE-2026-41316 — CVSS 8.1 (high): ERB is a templating system for Ruby. Ruby 2.7.0 (before ERB 2.2.0 was published on rubygems.org) introduced an `@_init` instance variable…
CVE-2025-24294 — CVSS 7.5 (high): The attack vector is a potential Denial of Service (DoS). The vulnerability is caused by an insufficient check on the length of a…
CVE-2024-27282 — CVSS 6.6 (medium): An issue was discovered in Ruby 3.x through 3.3.0. If attacker-supplied data is provided to the Ruby regex compiler, it is possible to…
CVE-2024-43398 — CVSS 5.9 (medium): REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS vulnerability when it parses an XML that has many deep elements that…
CVE-2024-41123 — CVSS 5.3 (medium): REXML is an XML toolkit for Ruby. The REXML gem before 3.3.2 has some DoS vulnerabilities when it parses an XML that has many specific…
CVE-2024-41946 — CVSS 5.3 (medium): REXML is an XML toolkit for Ruby. The REXML gem 3.3.2 has a DoS vulnerability when it parses an XML that has many entity expansions with…
CVE-2025-58767 — CVSS 5.3 (medium): REXML is an XML toolkit for Ruby. The REXML gems from 3.3.3 to 3.4.1 has a DoS vulnerability when parsing XML containing multiple XML…
CVE-2024-27281 — CVSS 4.5 (medium): An issue was discovered in RDoc 6.3.3 through 6.6.2, as distributed in Ruby 3.x through 3.3.0. When parsing .rdoc_options (used for…
CVE-2024-39908 — CVSS 4.3 (medium): REXML is an XML toolkit for Ruby. The REXML gem before 3.3.1 has some DoS vulnerabilities when it parses an XML that has many specific…