Lucene search
K

5 matches found

Snyk
Snyk
added 2025/10/08 12:37 a.m.3 views

Malicious Package

Overview nokogiri is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS6.8AI score
Exploits0References2
EUVD
EUVD
added 2025/10/08 12:37 a.m.1 views

EUVD-2025-32986

Malicious code in nokogiri npm...

6.6AI score
Exploits0References1
OpenVAS
OpenVAS
added 2025/07/23 12:0 a.m.7 views

Ubuntu: Security Advisory (USN-7659-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2CVSS7.1AI score0.22791EPSS
Exploits3References2
OSV
OSV
added 2024/06/15 12:0 a.m.10 views

OPENSUSE-SU-2024:11340-1 ruby2.7-rubygem-nokogiri-1.12.3-1.2 on GA media

These are all security issues fixed in the ruby2.7-rubygem-nokogiri-1.12.3-1.2 package on the GA media of openSUSE Tumbleweed...

10CVSS8.1AI score0.08628EPSS
Exploits8References32
OSV
OSV
added 2021/02/04 1:40 p.m.7 views

MGASA-2021-0063 Updated ruby-nokogiri packages fix security vulnerabilities

A command injection vulnerability in Nokogiri v1.10.3 and earlier allows commands to be executed in a subprocess via Ruby's Kernel.open method. Processes are vulnerable only if the undocumented method Nokogiri::CSS::Tokenizerloadfile is being called with unsafe user input as the filename...

9.8CVSS7AI score0.05899EPSS
Exploits0References4
Rows per page
Query Builder