Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

CVE-2022-24836

🗓️ 11 Apr 2022 22:07:15Reported by GitHub_MType 
cve
 cve🔗 web.nvd.nist.gov📰️ 3 Media mentions👁 199 Views

Nokogiri < v1.13.4 has inefficient regex prone to excessive backtrackin

Show more

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Related
Detection
Affected
Refs
Social
ReporterTitlePublishedViews
Family
Debian		[SECURITY] [DLA 3003-1] ruby-nokogiri security update
13 May 202217:29
debian
Debian		[SECURITY] [DLA 3868-1] ruby-nokogiri security update
3 Sep 202410:14
debian
Debian		[SECURITY] [DLA 3149-1] ruby-nokogiri security update
12 Oct 202214:46
debian
Tenable Nessus		Amazon Linux AMI : rubygem-nokogiri, rubygem18-nokogiri (ALAS-2022-1595)
10 Jun 202200:00
nessus
Tenable Nessus		Debian dla-3868 : ruby-nokogiri - security update
3 Sep 202400:00
nessus
Tenable Nessus		Debian DLA-3003-1 : ruby-nokogiri - LTS security update
14 May 202200:00
nessus
Tenable Nessus		Amazon Linux 2022 : rubygem-nokogiri (ALAS2022-2022-062)
6 Sep 202200:00
nessus
Tenable Nessus		SUSE SLED15 / SLES15 Security Update : rubygem-nokogiri (SUSE-SU-2022:4016-1)
17 Nov 202200:00
nessus
Tenable Nessus		SUSE SLED15 / SLES15 Security Update : rubygem-nokogiri (SUSE-SU-2022:4015-1)
17 Nov 202200:00
nessus
Tenable Nessus		Debian dla-3149 : ruby-nokogiri - security update
12 Oct 202200:00
nessus
Rows per page
Nvd
Vulners
Node
nokogirinokogiriRange<1.13.4ruby
Node
fedoraprojectfedoraMatch34
OR
fedoraprojectfedoraMatch35
OR
fedoraprojectfedoraMatch36
Node
debiandebian_linuxMatch9.0
OR
debiandebian_linuxMatch10.0
Node
applemacosRange13.013.1
[
  {
    "vendor": "sparklemotion",
    "product": "nokogiri",
    "versions": [
      {
        "version": "< 1.13.4",
        "status": "affected"
      }
    ]
  }
]
SourceLink
listswww.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OUPLBUZVM4WPFSXBEP2JS3R6LMKRTLFC/
githubwww.github.com/sparklemotion/nokogiri/commit/e444525ef1634b675cd1cf52d39f4320ef0aecfd
listswww.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6DHCOWMA5PQTIQIMDENA7R2Y5BDYAIYM/
supportwww.support.apple.com/kb/HT213532
listswww.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMDCWRQXJQ3TFSETPCEFMQ6RR6ME5UA3/
listswww.lists.debian.org/debian-lts-announce/2022/10/msg00018.html
githubwww.github.com/sparklemotion/nokogiri/security/advisories/GHSA-crjr-9rc5-ghw8
seclistswww.seclists.org/fulldisclosure/2022/Dec/23
securitywww.security.gentoo.org/glsa/202208-29
listswww.lists.debian.org/debian-lts-announce/2022/05/msg00013.html
Rows per page

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
11 Apr 2022 22:15Current
7.5High risk
Vulners AI Score7.5
CVSS25
CVSS37.5
EPSS0.01055
CWE-400CWE-1333
nokogirixml libraryhtml libraryrubycve-2022-24836securityupgrade
199
.json
Report