diff --git a/SPECS/ruby/CVE-2024-41946.patch b/SPECS/ruby/CVE-2024-41946.patch
deleted file mode 100644
index 63e3c821d91..00000000000
--- a/SPECS/ruby/CVE-2024-41946.patch
+++ /dev/null
@@ -1,111 +0,0 @@ -From 8f46a0155b5ff647fef8314b0b36491ea2d7de7b Mon Sep 17 00:00:00 2001 -From: Harshit Gupta -Date: Wed, 18 Sep 2024 09:34:21 -0700 -Subject: [PATCH] Patch for CVE-2024-41946 - -Based on upstream commit -https://github.com/ruby/rexml/commit/033d1909a8f259d5a7c53681bcaf14f13bcf0368 - ---- - lib/rexml/parsers/baseparser.rb | 19 ++++++++++++++++++- - lib/rexml/parsers/pullparser.rb | 4 ++++ - lib/rexml/parsers/sax2parser.rb | 4 ++++ - 3 files changed, 26 insertions(+), 1 deletion(-) - -diff --git a/.bundle/gems/rexml-3.2.8/lib/rexml/parsers/baseparser.rb b/.bundle/gems/rexml-3.2.8/lib/rexml/parsers/baseparser.rb -index d09237c..61f6787 100644 ---- a/.bundle/gems/rexml-3.2.8/lib/rexml/parsers/baseparser.rb -+++ b/.bundle/gems/rexml-3.2.8/lib/rexml/parsers/baseparser.rb -@@ -128,6 +128,7 @@ module REXML - def initialize( source ) - self.stream = source - @listeners = [] -+ @entity_expansion_count = 0 - end - - def add_listener( listener ) -@@ -135,6 +136,7 @@ module REXML - end - - attr_reader :source -+ attr_reader :entity_expansion_count - - def stream=( source ) - @source = SourceFactory.create_from( source ) -@@ -446,7 +448,9 @@ module REXML - def entity( reference, entities ) - value = nil - value = entities[ reference ] if entities -- if not value -+ if value -+ record_entity_expansion -+ else - value = DEFAULT_ENTITIES[ reference ] - value = value[2] if value - end -@@ -481,12 +485,17 @@ module REXML - } - matches.collect!{|x|x[0]}.compact! 
- if matches.size > 0 -+ sum = 0 - matches.each do |entity_reference| - unless filter and filter.include?(entity_reference) - entity_value = entity( entity_reference, entities ) - if entity_value - re = /&#{entity_reference};/ - rv.gsub!( re, entity_value ) -+ sum += rv.bytesize -+ if sum > Security.entity_expansion_text_limit -+ raise "entity expansion has grown too large" -+ end - else - er = DEFAULT_ENTITIES[entity_reference] - rv.gsub!( er[0], er[2] ) if er -@@ -499,6 +508,14 @@ module REXML - end - - private -+ -+ def record_entity_expansion -+ @entity_expansion_count += 1 -+ if @entity_expansion_count > Security.entity_expansion_limit -+ raise "number of entity expansions exceeded, processing aborted." -+ end -+ end -+ - def need_source_encoding_update?(xml_declaration_encoding) - return false if xml_declaration_encoding.nil? - return false if /\AUTF-16\z/i =~ xml_declaration_encoding -diff --git a/.bundle/gems/rexml-3.2.8/lib/rexml/parsers/pullparser.rb b/.bundle/gems/rexml-3.2.8/lib/rexml/parsers/pullparser.rb -index f8b232a..36b4595 100644 ---- a/.bundle/gems/rexml-3.2.8/lib/rexml/parsers/pullparser.rb -+++ b/.bundle/gems/rexml-3.2.8/lib/rexml/parsers/pullparser.rb -@@ -47,6 +47,10 @@ module REXML - @listeners << listener - end - -+ def entity_expansion_count -+ @parser.entity_expansion_count -+ end -+ - def each - while has_next? - yield self.pull -diff --git a/.bundle/gems/rexml-3.2.8/lib/rexml/parsers/sax2parser.rb b/.bundle/gems/rexml-3.2.8/lib/rexml/parsers/sax2parser.rb -index 6a24ce2..01cb469 100644 ---- a/.bundle/gems/rexml-3.2.8/lib/rexml/parsers/sax2parser.rb -+++ b/.bundle/gems/rexml-3.2.8/lib/rexml/parsers/sax2parser.rb -@@ -22,6 +22,10 @@ module REXML - @parser.source - end - -+ def entity_expansion_count -+ @parser.entity_expansion_count -+ end -+ - def add_listener( listener ) - @parser.add_listener( listener ) - end --- -2.34.1 - 
diff --git a/SPECS/ruby/ruby.signatures.json b/SPECS/ruby/ruby.signatures.json
index 9eb2f74004c..d996802d5e9 100644
--- a/SPECS/ruby/ruby.signatures.json
+++ b/SPECS/ruby/ruby.signatures.json
@@ -7,6 +7,6 @@
 "rubygems.con": "eb804c6b50eeafdb2172285265bc487a80acaa9846233cd5f1d20a25f1dac2ea",
 "rubygems.prov": "b79c1f5873dd20d251e100b276a5e584c1fb677f3e1b92534fc09130fabe8ee5",
 "rubygems.req": "e85681d8fa45d214055f3b26a8c1829b3a4bd67b26a5ef3c1f6426e7eff83ad0",
- "ruby-3.3.3.tar.gz": "83c05b2177ee9c335b631b29b8c077b4770166d02fa527f3a9f6a40d13f3cce2"
+ "ruby-3.3.5.tar.gz": "3781a3504222c2f26cb4b9eb9c1a12dbf4944d366ce24a9ff8cf99ecbce75196"
 }
 }
diff --git a/SPECS/ruby/ruby.spec b/SPECS/ruby/ruby.spec
index 9a384802039..f1129ea0285 100644
--- a/SPECS/ruby/ruby.spec
+++ b/SPECS/ruby/ruby.spec
@@ -4,7 +4,7 @@
 %global gem_dir %{_datadir}/ruby/gems
 # Default package version defined separately, because the %%version macro gets overwritten by 'Version' tags of the subpackages.
-%global ruby_version 3.3.3
+%global ruby_version 3.3.5
 %define ruby_version_majmin %(echo %{ruby_version} | cut -d. -f1-2)
 %global rubygems_version 3.5.3
@@ -88,7 +88,7 @@ Name: ruby
 # provides should be versioned according to the ruby version.
 # More info: https://stdgems.org/
 Version: %{ruby_version}
-Release: 2%{?dist}
+Release: 1%{?dist}
 License: (Ruby OR BSD) AND Public Domain AND MIT AND CC0 AND zlib AND UCD
 Vendor: Microsoft Corporation
 Distribution: Azure Linux
@@ -102,7 +102,6 @@ Source4: rubygems.con
 Source5: rubygems.prov
 Source6: rubygems.req
 Source7: macros.rubygems
-Patch0: CVE-2024-41946.patch
 # Updates default ruby-uri to 0.12.2 and vendored one to 0.10.3. Remove once ruby gets updated to a version that comes with both lib/uri/version.rb and lib/bundler/vendor/uri/lib/uri/version.rb versions >= 0.12.2 or == 0.10.3
 BuildRequires: openssl-devel
 # Pkgconfig(yaml-0.1) is needed to build the 'psych' gem.
@@ -408,6 +407,10 @@ sudo -u test make test TESTS="-v"
 %{_rpmconfigdir}/rubygems.con
 %changelog
+* Fri Nov 08 2024 Saul Paredes - 3.3.5-1
+- Upgrade ruby to 3.3.5 to resolve CVE-2024-39908
+- Remove CVE-2024-41946.patch as it no longer applies as ruby 3.3.5 containers rubygem-rexml 3.3.6, where CVE-2024-41946 is already fixed
+
 * Wed Sep 18 2024 Harshit Gupta - 3.3.3-2
 - Revert ruby back to 3.3.3 to avoid build failure of rubygems-* packages
 - Add patch for CVE-2024-41946 for bundled gem rexml
diff --git a/cgmanifest.json b/cgmanifest.json
index f5fc36f4594..ce2d9230e2a 100644
--- a/cgmanifest.json
+++ b/cgmanifest.json
@@ -25894,8 +25894,8 @@
 "type": "other",
 "other": {
 "name": "ruby",
- "version": "3.3.3",
- "downloadUrl": "https://cache.ruby-lang.org/pub/ruby/3.3/ruby-3.3.3.tar.gz"
+ "version": "3.3.5",
+ "downloadUrl": "https://cache.ruby-lang.org/pub/ruby/3.3/ruby-3.3.5.tar.gz"
 }
 }
 },
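Review bot: The new %changelog line `- Remove CVE-2024-41946.patch as it no longer applies as ruby 3.3.5 containers rubygem-rexml 3.3.6, where CVE-2024-41946 is already fixed` has a typo, `containers` should read `contains`, and it is the only place in the commit that records why the CVE-2024-41946 fix can be dropped alongside the `-Patch0: CVE-2024-41946.patch` removal in the earlier ruby.spec hunk. Since the deleted patch targeted the bundled `.bundle/gems/rexml-3.2.8` tree, it would help a future reviewer if this line also stated how the bundled rexml version in the 3.3.5 tarball was confirmed (for example, which bundled-gem directory was checked), so the claim can be re-verified on the next ruby upgrade. The cgmanifest.json hunk sharing this line is a plain version bump and needs no change.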