Lucene search
K

29 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/29 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-57235

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri::XML::NodeSet and its alias slice checked the...

8.2CVSS6AI score0.00331EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/29 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-57437

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri::XML::XPathContext did not keep its source document...

6.3CVSS6.1AI score0.00312EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/26 9:31 p.m.9 views

CVE-2026-57234

A flaw was found in Nokogiri, an XML and HTML library for Ruby. The NONET parse option, intended to prevent external resource fetching, was not correctly enforced in the JRuby implementation of Nokogiri::XML::Schema. This oversight could allow a specially crafted XML schema to fetch external...

4.8CVSS5.6AI score0.00166EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/26 11:9 a.m.12 views

CVE-2026-57438

A flaw was found in Nokogiri, an XML and HTML library for the Ruby programming language. When performing XInclude substitutions, the library prematurely frees memory associated with nodes and namespaces. If an application has exposed these freed objects to Ruby, a local attacker could potentially...

6.6CVSS5.7AI score0.00093EPSS
Exploits0References4
NVD
NVD
added 2026/06/25 4:16 p.m.11 views

CVE-2026-57438

Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, XInclude substitution performed by Nokogiri::XML::Nodedoxinclude replaced each in place, freeing the include node along with its children such as and its descendants and any namespaces declared on...

6.6CVSS0.00093EPSS
Exploits0References1
OSV
OSV
added 2026/06/25 4:16 p.m.5 views

UBUNTU-CVE-2026-57438

Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, XInclude substitution performed by Nokogiri::XML::Nodedoxinclude replaced each in place, freeing the include node along with its children such as and its descendants and any namespaces declared on...

6.6CVSS5.8AI score0.00093EPSS
Exploits0References3
NVD
NVD
added 2026/06/25 3:16 p.m.11 views

CVE-2026-57434

Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri contains a bug when calling certain methods on allocated-but-uninitialized native wrapper classes that inherit from Nokogiri::XML::Node. This caused a NULL pointer dereference that could...

7.5CVSS0.00357EPSS
Exploits0References1
OSV
OSV
added 2026/06/25 3:16 p.m.4 views

UBUNTU-CVE-2026-57436

Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri::XML::Documentroot= validated only that the new root was a Nokogiri::XML::Node, allowing a DTD node to be set as the document root. The result is a heap use-after-free during garbage...

6.3CVSS5.7AI score0.00312EPSS
Exploits0References3
OSV
OSV
added 2026/06/25 3:16 p.m.7 views

UBUNTU-CVE-2026-57235

Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri::XML::NodeSet and its alias slice checked the requested index against the node set's bounds using a 32-bit-truncated copy of the index. A large negative index could pass the check and then...

8.2CVSS5.8AI score0.00331EPSS
Exploits0References3
OSV
OSV
added 2026/06/25 3:16 p.m.5 views

UBUNTU-CVE-2026-57437

Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri::XML::XPathContext did not keep its source document alive for garbage collection. If an XPathContext outlived its document and the document was collected, evaluating an XPath expression...

6.3CVSS5.8AI score0.00312EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/25 2:39 p.m.5 views

EUVD-2026-39429

Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, XInclude substitution performed by Nokogiri::XML::Nodedoxinclude replaced each in place, freeing the include node along with its children such as and its descendants and any namespaces declared on...

5.9CVSS5.9AI score0.00093EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-5789

Malicious code in bioql PyPI...

8.2CVSS7.4AI score0.02886EPSS
Exploits1References14
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-1712

Malicious code in bioql PyPI...

7.5CVSS8.6AI score0.03549EPSS
Exploits0References22
Redos
Redos
added 2025/08/25 12:0 a.m.5 views

ROS-20250825-02

A vulnerability in the Nokogiri program library of the Ruby interpreter is related to improper handling of an an unexpected data type. Exploitation of the vulnerability could allow an attacker, acting remotely, disclose protected information or cause a denial of service A vulnerability in the...

8.2CVSS7.3AI score0.02886EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2025/08/12 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2022-24836

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Nokogiri is an open source XML and HTML library for Ruby. Nokogiri = 1.13.4. There are no known workarounds for this issue. CVE-2022-24836 Note that Nessus reli...

7.5CVSS7.1AI score0.03549EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2022-29181

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Nokogiri is an open source XML and HTML library for Ruby. Nokogiri prior to version 1.13.6 does not type- check all inputs into the XML and HTML4 SAX parsers,...

8.2CVSS6.9AI score0.02886EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2022-24839

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - org.cyberneko.html is an html parser written in Java. The fork of org.cyberneko.html used by Nokogiri Rubygem raises a java.lang.OutOfMemoryError exception when...

7.5CVSS6.7AI score0.02114EPSS
Exploits0References3
Snyk
Snyk
added 2024/05/13 2:40 p.m.1 views

Heap-based Buffer Overflow

Overview nokogiri is a gem for parsing HTML, XML, SAX, and Reader. Affected versions of this package are vulnerable to Heap-based Buffer Overflow through the xmlHTMLPrintFileContext function in xmllint.c. An attacker can read memory contents that may contain sensitive data by triggering a buffer...

7.5CVSS7.1AI score0.02298EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2024/03/12 12:0 a.m.4 views

The vulnerability of the html-code analyzer NekoHTML in the Nokogiri software library allows a perpetrator to trigger a service failure.

The vulnerability of the html-code analyzer NekoHTML in the Nokogiri software library is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service failures...

7.8CVSS6.8AI score0.02114EPSS
Exploits0References8Affected Software12
Redos
Redos
added 2023/10/03 12:0 a.m.51 views

ROS-20230929-01

Vulnerability in the URI component of the Ruby programming language, related to improper handling of invalid URLs containing certain characters. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service Vulnerability in the...

7.5CVSS5.6AI score0.05533EPSS
Exploits0
Rows per page
Query Builder