Package impact

RubyGems / nokogiri

critical high medium low unknown

0

KEV Has exploit

CVE	Severity	CVSS	Risk	Published	Description	Impact
CVE-2016-4658	critical	9.8	9.8	9y ago	Nokogiri does not forbid namespace nodes in XPointer ranges	+1
CVE-2019-5815	critical	—	9.5	4y ago	multiple issues in chromium
CVE-2019-18197	critical	—	9.5	4y ago	multiple issues in chromium
CVE-2017-15412	critical	—	9.5	8y ago	multiple issues in chromium
CVE-2017-5029	high	8.8	8.8	9y ago	multiple issues in chromium	+4
CVE-2022-24836	high	—	8.0	4y ago	Nokogiri is an open source XML and HTML library for Ruby. Nokogiri `< v1.13.4` contains an inefficient regular expression that is susceptible to excessive backtracking when attempting to detect encod…
CVE-2018-25032	high	—	8.0	4y ago	Important: mingw-zlib security update	+2
CVE-2021-30560	high	—	8.0	4y ago	arbitrary code execution in chromium
CVE-2021-41098	high	—	8.0	5y ago	Nokogiri is a Rubygem providing HTML, XML, SAX, and Reader parsers with XPath and CSS selector support. In Nokogiri v1.12.4 and earlier, on JRuby only, the SAX parser resolves external entities by de…
CVE-2017-16932	high	7.5	7.5	8y ago	Nokogiri gem, via libxml, is affected by DoS vulnerabilities
CVE-2017-9050	high	7.5	7.5	9y ago	Out-of-bounds read in nokogiri
CVE-2015-8806	high	7.5	7.5	10y ago	Denial of service or RCE from libxml2 and libxslt
CVE-2015-5312	high	—	7.1	11y ago	Nokogiri subject to DoS via libxml2 vulnerability	+2
CVE-2021-3517	medium	—	5.5	4y ago	Moderate: libxml2 security update	+1
CVE-2021-3537	medium	—	5.5	4y ago	Moderate: libxml2 security update	+1
CVE-2021-3518	medium	—	5.5	4y ago	Moderate: libxml2 security update	+1
CVE-2020-7595	medium	—	5.5	6y ago	libxml as used in Nokogiri has an infinite loop in a certain end-of-file situation
CVE-2017-18258	medium	—	5.5	8y ago	Uncontrolled resource consumption in nokogiri
CVE-2015-7499	medium	—	5.0	11y ago	Heap-based buffer overflow in nokogiri	+3
CVE-2015-1819	medium	—	5.0	11y ago	Nokogiri vulnerable to libxml XML Entity Expansion	+3