Package impact

RubyGems / nokogiri

CVE	Severity	CVSS	Risk	Published	Description	Impact
CVE-2021-3537	medium	—	5.5	4y ago	Moderate: libxml2 security update	+1
CVE-2021-3517	medium	—	5.5	4y ago	Moderate: libxml2 security update	+1
CVE-2021-3518	medium	—	5.5	4y ago	Moderate: libxml2 security update	+1
CVE-2020-7595	medium	—	5.5	6y ago	libxml as used in Nokogiri has an infinite loop in a certain end-of-file situation
CVE-2017-18258	medium	—	5.5	8y ago	Uncontrolled resource consumption in nokogiri
CVE-2019-13118	medium	5.3	5.3	4y ago	In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, …	+3
CVE-2019-13117	medium	5.3	5.3	7y ago	In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte o…	+2
CVE-2015-7499	medium	—	5.0	11y ago	Heap-based buffer overflow in nokogiri	+3
CVE-2015-1819	medium	—	5.0	11y ago	Nokogiri vulnerable to libxml XML Entity Expansion	+3
CVE-2022-23437	unknown	—	—	4y ago	Infinite Loop in Apache Xerces Java
CVE-2022-24839	unknown	—	—	4y ago	org.nokogiri:nekohtml vulnerable to Uncontrolled Resource Consumption