5 matches found
Malicious Package
Overview nokogiri is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...
EUVD-2025-32986
Malicious code in nokogiri npm...
Ubuntu: Security Advisory (USN-7659-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OPENSUSE-SU-2024:11340-1 ruby2.7-rubygem-nokogiri-1.12.3-1.2 on GA media
These are all security issues fixed in the ruby2.7-rubygem-nokogiri-1.12.3-1.2 package on the GA media of openSUSE Tumbleweed...
MGASA-2021-0063 Updated ruby-nokogiri packages fix security vulnerabilities
A command injection vulnerability in Nokogiri v1.10.3 and earlier allows commands to be executed in a subprocess via Ruby's Kernel.open method. Processes are vulnerable only if the undocumented method Nokogiri::CSS::Tokenizerloadfile is being called with unsafe user input as the filename...