Nokogiri XSLT transform has a memory leak

Summary Nokogiri's Nokogiri::XSLT::Stylesheettransform leaks a small heap allocation when passed a Ruby string parameter containing a null byte. For applications that pass attacker-controlled input through XSLT.transform parameters, this may be a vector for a denial of service attack against...

Nokogiri CSS selector tokenizer has regular expression backtracking

Summary Nokogiri's CSS selector tokenizer contains regular expressions whose construction may result in exponential regex backtracking on adversarial selectors. Three ReDoS vectors are addressed in this release: 1. String-literal tokenization on certain unterminated quoted-string input. 2...

PT-2026-38487

Summary Nokogiri's CSS selector tokenizer contains regular expressions whose construction may result in exponential regex backtracking on adversarial selectors. Three ReDoS vectors are addressed in this release: 1. String-literal tokenization on certain unterminated quoted-string input. 2...

Regular Expression Denial of Service (ReDoS)

Overview nokogiri is a gem for parsing HTML, XML, SAX, and Reader. Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS in the CSS selector tokenizer in css/tokenizer.rb. An attacker can cause excessive resource consumption by supplying malicious input to...

Authentication Bypass

ruby-saml is vulnerable to authentication bypass. The vulnerability is due to improper handling of libxml2 canonicalization in Nokogiri when processing invalid XML, which returns an empty string used for DigestValue calculation, allowing an attacker to perform a Signature Wrapping attack and bypa...

CVE-2025-66568

The ruby-saml library implements the client side of an SAML authorization. Versions up to and including 1.12.4, are vulnerable to authentication bypass through the libxml2 canonicalization process used by Nokogiri for document transformation, which allows an attacker to execute a Signature Wrappi...

CVE-2025-66568

CVE-2025-66568 affects the ruby-saml library (client-side SAML) with versions up to 1.12.4 vulnerable to authentication bypass via libxml2 canonicalization used by Nokogiri. On invalid XML input, canonicalization can return an empty string, causing DigestValue to be computed over that empty strin...

CVE-2025-66567 ruby-saml has a SAML authentication bypass due to namespace handling (parser differential)

The ruby-saml library is for implementing the client side of a SAML authorization. ruby-saml versions up to and including 1.12.4 contain an authentication bypass vulnerability due to an incomplete fix for CVE-2025-25292. ReXML and Nokogiri parse XML differently, generating entirely different...

EUVD-2025-29431

Malicious code in bioql PyPI...

Stack-based Buffer Overflow

Overview nokogiri is a gem for parsing HTML, XML, SAX, and Reader. Affected versions of this package are vulnerable to Stack-based Buffer Overflow via the xmlBuildQName function. An attacker can cause a crash and denial of service by supplying specially crafted XML input that triggers an integer...

DEBIAN-CVE-2025-25291

ruby-saml provides security assertion markup language SAML single sign-on SSO for Ruby. An authentication bypass vulnerability was found in ruby-saml prior to versions 1.12.4 and 1.18.0 due to a parser differential. ReXML and Nokogiri parse XML differently; the parsers can generate entirely...

SUSE CVE-2012-6685

Nokogiri before 1.5.4 is vulnerable to XXE attacks...

SUSE CVE-2020-26247

Nokogiri is a Rubygem providing HTML, XML, SAX, and Reader parsers with XPath and CSS selector support. In Nokogiri before version 1.11.0.rc4 there is an XXE vulnerability. XML Schemas parsed by Nokogiri::XML::Schema are trusted by default, allowing external resources to be accessed over the...

SUSE CVE-2022-24836

Nokogiri is an open source XML and HTML library for Ruby. Nokogiri = 1.13.4. There are no known workarounds for this issue...

DEBIAN-CVE-2022-23476

Nokogiri is an open source XML and HTML library for the Ruby programming language. Nokogiri 1.13.8 and 1.13.9 fail to check the return value from xmlTextReaderExpand in the method Nokogiri::XML::Readerattributehash. This can lead to a null pointer exception when invalid markup is being parsed. Fo...

PT-2022-16017

Name of the Vulnerable Software and Affected Versions Nokogiri versions 1.13.8 through 1.13.9 Description Nokogiri is an open source XML and HTML library for the Ruby programming language. It fails to check the return value from xmlTextReaderExpand in the method Nokogiri::XML::Readerattribute has...

nokogiri: ReDoS in HTML encoding detection

A flaw was found in the nokogiri library when processing an inefficient and complex regular expression. This flaw allows an attacker to cause excessive consumption of resources, which affects performance...

DEBIAN-CVE-2022-24836

Nokogiri is an open source XML and HTML library for Ruby. Nokogiri = 1.13.4. There are no known workarounds for this issue...

UBUNTU-CVE-2022-24836

Nokogiri is an open source XML and HTML library for Ruby. Nokogiri = 1.13.4. There are no known workarounds for this issue...

PT-2021-23087

Name of the Vulnerable Software and Affected Versions Nokogiri versions 1.12.4 and earlier Description Nokogiri is a Rubygem providing HTML, XML, SAX, and Reader parsers with XPath and CSS selector support. In Nokogiri, on JRuby only, the SAX parser resolves external entities by default. Users of...