Lucene search
K

6 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Ruby-Nokogiri

A command injection vulnerability exists in Nokogiri v1.10.3 and earlier. This vulnerability allows commands to be executed in a subprocess via Ruby’s Kernel.open method. Processes become vulnerable only if the undocumented method Nokogiri::CSS::Tokenizerloadfile is called with unsafe user input ...

9.8CVSS7.2AI score0.05899EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2022/10/12 12:0 a.m.28 views

Debian dla-3150 : rexical - security update

The remote Debian 10 host has a package installed that is affected by a vulnerability as referenced in the dla-3150 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3150-1 [email protected] https://www.debian.org/lts/security/...

9.8CVSS8AI score0.05899EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2019/08/16 12:0 a.m.53 views

CVE-2019-5477

A command injection vulnerability in Nokogiri v1.10.3 and earlier allows commands to be executed in a subprocess via Ruby's Kernel.open method. Processes are vulnerable only if the undocumented method Nokogiri::CSS::Tokenizerloadfile is being called with unsafe user input as the filename. This...

9.8CVSS9.7AI score0.05899EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/08/14 12:0 a.m.36 views

FreeBSD : Nokogiri -- injection vulnerability (0569146e-bdef-11e9-bd31-8de4a4470bbb)

Nokogiri GitHub release : A command injection vulnerability in Nokogiri v1.10.3 and earlier allows commands to be executed in a subprocess by Ruby's Kernel.open method. Processes are vulnerable only if the undocumented method Nokogiri::CSS::Tokenizerloadfile is being passed untrusted user input...

9.8CVSS8.1AI score0.05899EPSS
Exploits0References4
FreeBSD
FreeBSD
added 2019/08/11 12:0 a.m.31 views

Nokogiri -- injection vulnerability

Nokogiri GitHub release: A command injection vulnerability in Nokogiri v1.10.3 and earlier allows commands to be executed in a subprocess by Ruby's Kernel.open method. Processes are vulnerable only if the undocumented method Nokogiri::CSS::Tokenizerloadfile is being passed untrusted user input...

9.8CVSS2.9AI score0.05899EPSS
Exploits0References2
RubySec
RubySec
added 2019/08/11 12:0 a.m.22 views

Nokogiri Command Injection Vulnerability via Nokogiri::CSS::Tokenizer#load_file

A command injection vulnerability in Nokogiri v1.10.3 and earlier allows commands to be executed in a subprocess by Ruby's Kernel.open method. Processes are vulnerable only if the undocumented method Nokogiri::CSS::Tokenizerloadfile is being passed untrusted user input. This vulnerability appears...

9.8CVSS3.2AI score0.05899EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder