Lucene search
+L

4 matches found

nessus
nessus
added 2026/06/29 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-57437

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri::XML::XPathContext did not keep its source document...

6.3CVSS6.1AI score0.00312EPSS
Exploits0References3
cve
cve
added 2026/06/25 2:34 p.m.19 views

CVE-2026-57437

Nokogiri (Ruby) vulnerable in versions prior to 1.19.4 due to Nokogiri::XML::XPathContext not keeping the source document alive for GC. If an XPathContext outlives its document and the document is collected, evaluating an XPath expression could read invalid memory and potentially segfault. This i...

6.3CVSS5.9AI score0.00312EPSS
Exploits0References1Affected Software1
osv
osv
added 2026/06/25 2:34 p.m.5 views

CVE-2026-57437 Nokogiri: Possible Use-After-Free when directly using `NokogirI::XML::XPathContext` beyond document lifetime

Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri::XML::XPathContext did not keep its source document alive for garbage collection. If an XPathContext outlived its document and the document was collected, evaluating an XPath expression...

6.3CVSS6AI score0.00312EPSS
Exploits0References3
osv
osv
added 2026/06/19 4:37 p.m.9 views

GHSA-P67V-3W7G-WJG7 Nokogiri: Possible Use-After-Free when directly using `NokogirI::XML::XPathContext` beyond document lifetime

Summary Nokogiri::XML::XPathContext did not keep its source document alive for garbage collection. If an XPathContext outlived its document and the document was collected, evaluating an XPath expression could read invalid memory and potentially segfault. This is only reachable when application co...

6.3CVSS5.9AI score0.00312EPSS
Exploits0References2
Rows per page
Query Builder