8 matches found
Fedora 37 : rubygem-nokogiri (2022-b5c325caad)
The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-b5c325caad advisory. A potential bug was found on nokogiri on or before 1.13.9 overlooked some return values from functions used internally. This can lead to raise some illegal...
Security Bulletin: Vulnerabilities in Logstash affect IBM Operations Analytics - Log Analysis (CVE-2022-29181, CVE-2022-23476)
Summary There are multple nokogiri vulnerabilities in Logstash that effect IBM Operations Analytics - Log Analysis. These have been addressed. Vulnerability Details CVEID:CVE-2022-29181 DESCRIPTION: Nokogiri is vulnerable to a denial of service, caused by improper handling of unexpected data type...
Fedora 36 : rubygem-nokogiri (2022-acff3f54b2)
The remote Fedora 36 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-acff3f54b2 advisory. A potential bug was found on nokogiri on or before 1.13.9 overlooked some return values from functions used internally. This can lead to raise some illegal...
CVE-2022-23476
A denial of service flaw was found in rubygem-nokogiri. When parsing invalid markup, a NULL pointer exception may occur, which is a potential vector for a denial of service attack...
CVE-2022-23476
Nokogiri is an open source XML and HTML library for the Ruby programming language. Nokogiri 1.13.8 and 1.13.9 fail to check the return value from xmlTextReaderExpand in the method Nokogiri::XML::Readerattributehash. This can lead to a null pointer exception when invalid markup is being parsed. Fo...
CVE-2022-23476 Unchecked return value from xmlTextReaderExpand in Nokogiri
Nokogiri is an open source XML and HTML library for the Ruby programming language. Nokogiri 1.13.8 and 1.13.9 fail to check the return value from xmlTextReaderExpand in the method Nokogiri::XML::Readerattributehash. This can lead to a null pointer exception when invalid markup is being parsed. Fo...
CVE-2022-23476
Nokogiri 1.13.8 and 1.13.9 fail to check the return value from xmlTextReaderExpand in Nokogiri::XML::Reader#attribute_hash, which can trigger a null pointer exception when parsing invalid markup. This could be a DoS vector for applications using XML::Reader on untrusted input. Remediation: upgrad...
CVE-2022-23476 Unchecked return value from xmlTextReaderExpand in Nokogiri
Nokogiri is an open source XML and HTML library for the Ruby programming language. Nokogiri 1.13.8 and 1.13.9 fail to check the return value from xmlTextReaderExpand in the method Nokogiri::XML::Readerattributehash. This can lead to a null pointer exception when invalid markup is being parsed. Fo...