VIR Vulnerability Intelligence Relay

Package impact

ruby RubyGems / nokogiri

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2019-11068 critical 9.8 9.8 7y ago libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a… susedebianubuntufedora+2
CVE-2016-4658 critical 9.8 9.8 9y ago Nokogiri does not forbid namespace nodes in XPointer ranges susearchdebianmacos+1
CVE-2019-5815 critical 9.5 4y ago multiple issues in chromium archdebianruby
CVE-2017-15412 critical 9.5 8y ago multiple issues in chromium archsusedebianruby
CVE-2017-5029 high 8.8 8.8 9y ago multiple issues in chromium archsusedebianredhat+4
CVE-2018-25032 high 8.0 4y ago Important: mingw-zlib security update rockylinuxredhatarchsuse+2
CVE-2022-24836 high 8.0 4y ago Nokogiri is an open source XML and HTML library for Ruby. Nokogiri `< v1.13.4` contains an inefficient regular expression that is susceptible to excessive backtracking when attempting to detect encod… rockylinuxsusedebianruby
CVE-2021-30560 high 8.0 4y ago arbitrary code execution in chromium archdebiansuseruby
CVE-2021-41098 high 8.0 5y ago Nokogiri is a Rubygem providing HTML, XML, SAX, and Reader parsers with XPath and CSS selector support. In Nokogiri v1.12.4 and earlier, on JRuby only, the SAX parser resolves external entities by de… archdebianruby
CVE-2019-18197 high 7.5 7.5 4y ago In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds ch… archsusedebianlinux+2
CVE-2017-16932 high 7.5 7.5 8y ago Nokogiri gem, via libxml, is affected by DoS vulnerabilities susedebianruby
CVE-2017-9050 high 7.5 7.5 9y ago Out-of-bounds read in nokogiri susedebianruby
CVE-2015-8806 high 7.5 7.5 10y ago Denial of service or RCE from libxml2 and libxslt susedebianubunturuby
CVE-2015-5312 high 7.1 11y ago Nokogiri subject to DoS via libxml2 vulnerability debianubunturedhatmacos+2
CVE-2022-23437 unknown 4y ago Infinite Loop in Apache Xerces Java susedebianrubyjava
CVE-2022-24839 unknown 4y ago org.nokogiri:nekohtml vulnerable to Uncontrolled Resource Consumption susedebianrubyjava