Nokogiri Security Vulnerabilities and Issues — Nokogiri CVE List

Lucene search

NokogiriNokogiri

4 matches found

CVE•added 2022/03/25 9:15 a.m.•3068 views

CVE-2018-25032

zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.

7.5CVSS8.1AI score0.00095EPSS

CVE•added 2022/04/11 10:15 p.m.•204 views

CVE-2022-24836

Nokogiri is an open source XML and HTML library for Ruby. Nokogiri = 1.13.4. There are no known workarounds for this issue.

7.5CVSS7.5AI score0.01203EPSS

CVE•added 2022/12/08 4:15 a.m.•184 views

CVE-2022-23476

Nokogiri is an open source XML and HTML library for the Ruby programming language. Nokogiri 1.13.8 and 1.13.9 fail to check the return value from xmlTextReaderExpand in the method Nokogiri::XML::Reader#attribute_hash. This can lead to a null pointer exception when invalid markup is being parsed. Fo...

7.5CVSS7.4AI score0.00185EPSS

CVE•added 2022/05/20 7:15 p.m.•179 views

CVE-2022-29181

Nokogiri is an open source XML and HTML library for Ruby. Nokogiri prior to version 1.13.6 does not type-check all inputs into the XML and HTML4 SAX parsers, allowing specially crafted untrusted inputs to cause illegal memory access errors (segfault) or reads from unrelated memory. Version 1.13.6 c...

8.2CVSS8AI score0.0646EPSS