Lucene search
K

8 matches found

Tenable Nessus
Tenable Nessus
added 2024/11/14 12:0 a.m.17 views

Fedora 37 : rubygem-nokogiri (2022-b5c325caad)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-b5c325caad advisory. A potential bug was found on nokogiri on or before 1.13.9 overlooked some return values from functions used internally. This can lead to raise some illegal...

7.5CVSS7.9AI score0.0168EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/12 6:57 a.m.32 views

Security Bulletin: Vulnerabilities in Logstash affect IBM Operations Analytics - Log Analysis (CVE-2022-29181, CVE-2022-23476)

Summary There are multple nokogiri vulnerabilities in Logstash that effect IBM Operations Analytics - Log Analysis. These have been addressed. Vulnerability Details CVEID:CVE-2022-29181 DESCRIPTION: Nokogiri is vulnerable to a denial of service, caused by improper handling of unexpected data type...

8.2CVSS7.8AI score0.03078EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/12/22 12:0 a.m.35 views

Fedora 36 : rubygem-nokogiri (2022-acff3f54b2)

The remote Fedora 36 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-acff3f54b2 advisory. A potential bug was found on nokogiri on or before 1.13.9 overlooked some return values from functions used internally. This can lead to raise some illegal...

7.5CVSS7.9AI score0.0168EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2022/12/14 1:5 p.m.37 views

CVE-2022-23476

A denial of service flaw was found in rubygem-nokogiri. When parsing invalid markup, a NULL pointer exception may occur, which is a potential vector for a denial of service attack...

7.5CVSS3.3AI score0.0168EPSS
Exploits0References4
NVD
NVD
added 2022/12/08 4:15 a.m.24 views

CVE-2022-23476

Nokogiri is an open source XML and HTML library for the Ruby programming language. Nokogiri 1.13.8 and 1.13.9 fail to check the return value from xmlTextReaderExpand in the method Nokogiri::XML::Readerattributehash. This can lead to a null pointer exception when invalid markup is being parsed. Fo...

7.5CVSS0.0168EPSS
Exploits0References3
Cvelist
Cvelist
added 2022/12/08 3:3 a.m.59 views

CVE-2022-23476 Unchecked return value from xmlTextReaderExpand in Nokogiri

Nokogiri is an open source XML and HTML library for the Ruby programming language. Nokogiri 1.13.8 and 1.13.9 fail to check the return value from xmlTextReaderExpand in the method Nokogiri::XML::Readerattributehash. This can lead to a null pointer exception when invalid markup is being parsed. Fo...

7.5CVSS7.5AI score0.0168EPSS
Exploits0References3
CVE
CVE
added 2022/12/08 3:3 a.m.209 views

CVE-2022-23476

Nokogiri 1.13.8 and 1.13.9 fail to check the return value from xmlTextReaderExpand in Nokogiri::XML::Reader#attribute_hash, which can trigger a null pointer exception when parsing invalid markup. This could be a DoS vector for applications using XML::Reader on untrusted input. Remediation: upgrad...

7.5CVSS7.4AI score0.0168EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/12/08 3:3 a.m.31 views

CVE-2022-23476 Unchecked return value from xmlTextReaderExpand in Nokogiri

Nokogiri is an open source XML and HTML library for the Ruby programming language. Nokogiri 1.13.8 and 1.13.9 fail to check the return value from xmlTextReaderExpand in the method Nokogiri::XML::Readerattributehash. This can lead to a null pointer exception when invalid markup is being parsed. Fo...

7.5CVSS8.3AI score0.0168EPSS
Exploits0References5
Rows per page
Query Builder