CVE-2022-23476

🗓️ 08 Dec 2022 04:09:15Reported by GitHub_MType

Nokogiri XML/HTML library for Ruby `1.13.8`, `1.13.9` null pointer exception issu

Reporter	Title	Published	Views	Family All 27
Veracode	Denial Of Service (DoS)	14 Dec 202215:37	–	veracode
Veracode	Denial Of Service (DoS)	21 Dec 202206:07	–	veracode
Tenable Nessus	Photon OS 5.0: Rubygem PHSA-2024-5.0-0432	1 Jan 202500:00	–	nessus
Tenable Nessus	Fedora 36 : rubygem-nokogiri (2022-acff3f54b2)	22 Dec 202200:00	–	nessus
Tenable Nessus	Fedora 37 : rubygem-nokogiri (2022-b5c325caad)	14 Nov 202400:00	–	nessus
Tenable Nessus	GLSA-202408-13 : Nokogiri: Denial of Service	7 Aug 202400:00	–	nessus
Prion	Null pointer dereference	8 Dec 202204:15	–	prion
UbuntuCve	CVE-2022-23476	8 Dec 202200:00	–	ubuntucve
NVD	CVE-2022-23476	8 Dec 202204:15	–	nvd
Cvelist	CVE-2022-23476 Unchecked return value from xmlTextReaderExpand in Nokogiri	8 Dec 202203:03	–	cvelist

Nvd

Vulners

Node

nokogiri nokogiriMatch1.13.8ruby

nokogiri nokogiriMatch1.13.9ruby

[
  {
    "vendor": "sparklemotion",
    "product": "nokogiri",
    "versions": [
      {
        "version": ">= 1.13.8, < 1.13.10",
        "status": "affected"
      }
    ]
  }
]

Source	Link
github	www.github.com/sparklemotion/nokogiri/security/advisories/GHSA-qv4q-mr5r-qprj
github	www.github.com/sparklemotion/nokogiri/commit/9fe0761c47c0d4270d1a5220cfd25de080350d50
github	www.github.com/sparklemotion/nokogiri/commit/85410e38410f670cbbc8c5b00d07b843caee88ce

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

08 Dec 2022 04:15Current

7.4High risk

Vulners AI Score7.4

CVSS37.5

EPSS0.00121