pkg:gem/nokogiri
Type
gem
Name
nokogiri
Known advisories, vulnerabilities and fixes for nokogiri package.
- Repository
- https://rubygems.org/gems/nokogiri
Critical
3
High
26
Medium
10
Low
1
None
1
| Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
|---|---|---|---|---|---|---|---|
| Affected | < 1.6.3 |
CVE-2013-6461
|
 RUBYSEC:NOKOGIRI-118481
|
Nokogiri Gem for JRuby XML Document Root Element Handling Memory Consumption Remote DoS | medium |
2014-04-30T00:00:00
(10 years ago) |
|
| Fixed | = 1.6.2.2 >= 1.6.3 |
CVE-2013-6461
|
RUBYSEC:NOKOGIRI-118481
|
Nokogiri Gem for JRuby XML Document Root Element Handling Memory Consumption Remote DoS | medium |
2014-04-30T00:00:00
(10 years ago) |
|
| Affected | < 1.5.4 |
CVE-2012-6685
|
RUBYSEC:NOKOGIRI-2012-6685
|
CVE-2012-6685 rubygem-nokogiri: XML eXternal Entity (XXE) flaw | high |
2012-06-08T00:00:00
(12 years ago) |
|
| Fixed | >= 1.5.4 |
CVE-2012-6685
|
RUBYSEC:NOKOGIRI-2012-6685
|
CVE-2012-6685 rubygem-nokogiri: XML eXternal Entity (XXE) flaw | high |
2012-06-08T00:00:00
(12 years ago) |
|
| Affected | < 1.6.1 |
CVE-2013-6460
|
RUBYSEC:NOKOGIRI-2013-6460
|
CVE-2013-6460 rubygem-nokogiri: DoS while parsing XML documents | medium |
2013-12-14T00:00:00
(10 years ago) |
|
| Fixed | = 1.5.11 >= 1.6.1 |
CVE-2013-6460
|
RUBYSEC:NOKOGIRI-2013-6460
|
CVE-2013-6460 rubygem-nokogiri: DoS while parsing XML documents | medium |
2013-12-14T00:00:00
(10 years ago) |
|
| Affected | < 1.6.1 |
CVE-2013-6461
|
RUBYSEC:NOKOGIRI-2013-6461
|
CVE-2013-6461 rubygem-nokogiri: DoS while parsing XML entities | medium |
2013-12-14T00:00:00
(10 years ago) |
|
| Fixed | = 1.5.11 >= 1.6.1 |
CVE-2013-6461
|
RUBYSEC:NOKOGIRI-2013-6461
|
CVE-2013-6461 rubygem-nokogiri: DoS while parsing XML entities | medium |
2013-12-14T00:00:00
(10 years ago) |
|
| Affected | < 1.6.7.rc4 |
CVE-2015-1819
CVE-2015-7941 CVE-2015-7942 CVE-2015-7995 CVE-2015-8035 |
RUBYSEC:NOKOGIRI-2015-1819
|
Nokogiri gem contains several vulnerabilities in libxml2 and libxslt | medium |
2015-04-14T00:00:00
(9 years ago) |
|
| Fixed | = 1.6.6.4 >= 1.6.7.rc4 |
CVE-2015-1819
CVE-2015-7941 CVE-2015-7942 CVE-2015-7995 CVE-2015-8035 |
RUBYSEC:NOKOGIRI-2015-1819
|
Nokogiri gem contains several vulnerabilities in libxml2 and libxslt | medium |
2015-04-14T00:00:00
(9 years ago) |
|
| Affected | < 1.6.7.1 = 1.6.0 |
CVE-2015-5312
CVE-2015-7497 CVE-2015-7498 CVE-2015-7499 CVE-2015-7500 CVE-2015-8241 CVE-2015-8242 CVE-2015-8317 |
RUBYSEC:NOKOGIRI-2015-5312
|
Nokogiri gem contains several vulnerabilities in libxml2 | high |
2015-12-15T00:00:00
(8 years ago) |
|
| Fixed | >= 1.6.7.1 |
CVE-2015-5312
CVE-2015-7497 CVE-2015-7498 CVE-2015-7499 CVE-2015-7500 CVE-2015-8241 CVE-2015-8242 CVE-2015-8317 |
RUBYSEC:NOKOGIRI-2015-5312
|
Nokogiri gem contains several vulnerabilities in libxml2 | high |
2015-12-15T00:00:00
(8 years ago) |
|
| Unaffected | < 1.6.0 |
CVE-2015-5312
CVE-2015-7497 CVE-2015-7498 CVE-2015-7499 CVE-2015-7500 CVE-2015-8241 CVE-2015-8242 CVE-2015-8317 |
RUBYSEC:NOKOGIRI-2015-5312
|
Nokogiri gem contains several vulnerabilities in libxml2 | high |
2015-12-15T00:00:00
(8 years ago) |
|
| Affected | < 1.6.7.2 = 1.6.0 |
CVE-2015-7499
|
RUBYSEC:NOKOGIRI-2015-7499
|
Nokogiri gem contains a heap-based buffer overflow vulnerability in libxml2 | medium |
2016-01-19T00:00:00
(8 years ago) |
|
| Fixed | >= 1.6.7.2 |
CVE-2015-7499
|
RUBYSEC:NOKOGIRI-2015-7499
|
Nokogiri gem contains a heap-based buffer overflow vulnerability in libxml2 | medium |
2016-01-19T00:00:00
(8 years ago) |
|
| Unaffected | < 1.6.0 |
CVE-2015-7499
|
RUBYSEC:NOKOGIRI-2015-7499
|
Nokogiri gem contains a heap-based buffer overflow vulnerability in libxml2 | medium |
2016-01-19T00:00:00
(8 years ago) |
|
| Affected | < 1.6.8 = 1.6.0 |
CVE-2015-8806
CVE-2016-1762 CVE-2016-1833 CVE-2016-1834 CVE-2016-1835 CVE-2016-1836 CVE-2016-1837 CVE-2016-1838 CVE-2016-1839 CVE-2016-1840 CVE-2016-2073 CVE-2016-3627 CVE-2016-3705 CVE-2016-4447 CVE-2016-4449 CVE-2016-4483 |
RUBYSEC:NOKOGIRI-2015-8806
|
Denial of service or RCE from libxml2 and libxslt | high |
2016-06-07T00:00:00
(8 years ago) |
|
| Fixed | >= 1.6.8 |
CVE-2015-8806
CVE-2016-1762 CVE-2016-1833 CVE-2016-1834 CVE-2016-1835 CVE-2016-1836 CVE-2016-1837 CVE-2016-1838 CVE-2016-1839 CVE-2016-1840 CVE-2016-2073 CVE-2016-3627 CVE-2016-3705 CVE-2016-4447 CVE-2016-4449 CVE-2016-4483 |
RUBYSEC:NOKOGIRI-2015-8806
|
Denial of service or RCE from libxml2 and libxslt | high |
2016-06-07T00:00:00
(8 years ago) |
|
| Unaffected | < 1.6.0 |
CVE-2015-8806
CVE-2016-1762 CVE-2016-1833 CVE-2016-1834 CVE-2016-1835 CVE-2016-1836 CVE-2016-1837 CVE-2016-1838 CVE-2016-1839 CVE-2016-1840 CVE-2016-2073 CVE-2016-3627 CVE-2016-3705 CVE-2016-4447 CVE-2016-4449 CVE-2016-4483 |
RUBYSEC:NOKOGIRI-2015-8806
|
Denial of service or RCE from libxml2 and libxslt | high |
2016-06-07T00:00:00
(8 years ago) |
|
| Affected | < 1.7.1 |
CVE-2016-4658
CVE-2016-5131 |
RUBYSEC:NOKOGIRI-2016-4658
|
Nokogiri gem contains several vulnerabilities in libxml2 and libxslt | critical |
2017-03-11T00:00:00
(7 years ago) |
|
| Fixed | >= 1.7.1 |
CVE-2016-4658
CVE-2016-5131 |
RUBYSEC:NOKOGIRI-2016-4658
|
Nokogiri gem contains several vulnerabilities in libxml2 and libxslt | critical |
2017-03-11T00:00:00
(7 years ago) |
|
| Affected | < 1.8.2 |
CVE-2017-15412
CVE-2017-18258 |
RUBYSEC:NOKOGIRI-2017-15412
|
Nokogiri gem, via libxml, is affected by DoS vulnerabilities | high |
2018-01-29T00:00:00
(6 years ago) |
|
| Fixed | >= 1.8.2 |
CVE-2017-15412
CVE-2017-18258 |
RUBYSEC:NOKOGIRI-2017-15412
|
Nokogiri gem, via libxml, is affected by DoS vulnerabilities | high |
2018-01-29T00:00:00
(6 years ago) |
|
| Affected | < 1.8.1 |
CVE-2017-16932
|
RUBYSEC:NOKOGIRI-2017-16932
|
Nokogiri gem, via libxml, is affected by DoS vulnerabilities | high |
2018-01-29T00:00:00
(6 years ago) |
|
| Fixed | >= 1.8.1 |
CVE-2017-16932
|
RUBYSEC:NOKOGIRI-2017-16932
|
Nokogiri gem, via libxml, is affected by DoS vulnerabilities | high |
2018-01-29T00:00:00
(6 years ago) |
|
| Affected | < 1.8.2 |
CVE-2017-18258
|
RUBYSEC:NOKOGIRI-2017-18258
|
Moderate severity vulnerability that affects nokogiri | medium |
2018-04-13T00:00:00
(6 years ago) |
|
| Fixed | >= 1.8.2 |
CVE-2017-18258
|
RUBYSEC:NOKOGIRI-2017-18258
|
Moderate severity vulnerability that affects nokogiri | medium |
2018-04-13T00:00:00
(6 years ago) |
|
| Affected | < 1.7.2 |
CVE-2016-4738
CVE-2017-5029 |
RUBYSEC:NOKOGIRI-2017-5029
|
Nokogiri gem contains two upstream vulnerabilities in libxslt 1.1.29 | high |
2017-05-09T00:00:00
(7 years ago) |
|
| Fixed | >= 1.7.2 |
CVE-2016-4738
CVE-2017-5029 |
RUBYSEC:NOKOGIRI-2017-5029
|
Nokogiri gem contains two upstream vulnerabilities in libxslt 1.1.29 | high |
2017-05-09T00:00:00
(7 years ago) |
|
| Affected | < 1.8.1 |
CVE-2017-0663
CVE-2017-7375 CVE-2017-7376 CVE-2017-9047 CVE-2017-9048 CVE-2017-9049 CVE-2017-9050 |
RUBYSEC:NOKOGIRI-2017-9050
|
Nokogiri gem, via libxml, is affected by DoS and RCE vulnerabilities | high |
2017-09-19T00:00:00
(7 years ago) |
|
| Fixed | >= 1.8.1 |
CVE-2017-0663
CVE-2017-7375 CVE-2017-7376 CVE-2017-9047 CVE-2017-9048 CVE-2017-9049 CVE-2017-9050 |
RUBYSEC:NOKOGIRI-2017-9050
|
Nokogiri gem, via libxml, is affected by DoS and RCE vulnerabilities | high |
2017-09-19T00:00:00
(7 years ago) |
|
| Affected | < 1.8.5 |
CVE-2018-14404
CVE-2018-14567 |
RUBYSEC:NOKOGIRI-2018-14404
|
Nokogiri gem, via libxml2, is affected by multiple vulnerabilities | high |
2018-10-04T00:00:00
(6 years ago) |
|
| Fixed | >= 1.8.5 |
CVE-2018-14404
CVE-2018-14567 |
RUBYSEC:NOKOGIRI-2018-14404
|
Nokogiri gem, via libxml2, is affected by multiple vulnerabilities | high |
2018-10-04T00:00:00
(6 years ago) |
|
| Affected | < 1.13.4 |
CVE-2018-25032
|
RUBYSEC:NOKOGIRI-2018-25032
|
Out-of-bounds Write in zlib affects Nokogiri | high |
2022-04-11T00:00:00
(2 years ago) |
|
| Fixed | >= 1.13.4 |
CVE-2018-25032
|
RUBYSEC:NOKOGIRI-2018-25032
|
Out-of-bounds Write in zlib affects Nokogiri | high |
2022-04-11T00:00:00
(2 years ago) |
|
| Affected | < 1.8.3 |
CVE-2018-3740
CVE-2018-3741 CVE-2018-8048 |
RUBYSEC:NOKOGIRI-2018-8048
|
Revert libxml2 behavior in Nokogiri gem that could cause XSS | medium |
2018-03-29T00:00:00
(6 years ago) |
|
| Fixed | >= 1.8.3 |
CVE-2018-3740
CVE-2018-3741 CVE-2018-8048 |
RUBYSEC:NOKOGIRI-2018-8048
|
Revert libxml2 behavior in Nokogiri gem that could cause XSS | medium |
2018-03-29T00:00:00
(6 years ago) |
|
| Affected | < 1.10.3 |
CVE-2019-11068
|
RUBYSEC:NOKOGIRI-2019-11068
|
Nokogiri gem, via libxslt, is affected by improper access control vulnerability | critical |
2019-04-22T00:00:00
(5 years ago) |
|
| Fixed | >= 1.10.3 |
CVE-2019-11068
|
RUBYSEC:NOKOGIRI-2019-11068
|
Nokogiri gem, via libxslt, is affected by improper access control vulnerability | critical |
2019-04-22T00:00:00
(5 years ago) |
|
| Affected | < 1.10.5 |
CVE-2019-13117
CVE-2019-13118 CVE-2019-18197 |
RUBYSEC:NOKOGIRI-2019-13117
|
Nokogiri gem, via libxslt, is affected by multiple vulnerabilities | high |
2019-10-31T00:00:00
(4 years ago) |
|
| Fixed | >= 1.10.5 |
CVE-2019-13117
CVE-2019-13118 CVE-2019-18197 |
RUBYSEC:NOKOGIRI-2019-13117
|
Nokogiri gem, via libxslt, is affected by multiple vulnerabilities | high |
2019-10-31T00:00:00
(4 years ago) |
|
| Affected | < 1.10.5 |
CVE-2019-13118
|
RUBYSEC:NOKOGIRI-2019-13118
|
libxslt Type Confusion vulnerability that affects Nokogiri | high |
2022-05-24T00:00:00
(2 years ago) |
|
| Fixed | >= 1.10.5 |
CVE-2019-13118
|
RUBYSEC:NOKOGIRI-2019-13118
|
libxslt Type Confusion vulnerability that affects Nokogiri | high |
2022-05-24T00:00:00
(2 years ago) |
|
| Affected | < 1.10.5 |
CVE-2019-18197
|
RUBYSEC:NOKOGIRI-2019-18197
|
Nokogiri affected by libxslt Use of Uninitialized Resource/ Use After Free vulnerability | high |
2022-05-24T00:00:00
(2 years ago) |
|
| Fixed | >= 1.10.5 |
CVE-2019-18197
|
RUBYSEC:NOKOGIRI-2019-18197
|
Nokogiri affected by libxslt Use of Uninitialized Resource/ Use After Free vulnerability | high |
2022-05-24T00:00:00
(2 years ago) |
|
| Affected | < 1.10.4 |
CVE-2019-5477
|
RUBYSEC:NOKOGIRI-2019-5477
|
Nokogiri Command Injection Vulnerability via Nokogiri::CSS::Tokenizer#load_file | critical |
2019-08-11T00:00:00
(5 years ago) |
|
| Fixed | >= 1.10.4 |
CVE-2019-5477
|
RUBYSEC:NOKOGIRI-2019-5477
|
Nokogiri Command Injection Vulnerability via Nokogiri::CSS::Tokenizer#load_file | critical |
2019-08-11T00:00:00
(5 years ago) |
|
| Affected | < 1.10.5 |
CVE-2019-5815
|
RUBYSEC:NOKOGIRI-2019-5815
|
Nokogiri implementation of libxslt vulnerable to heap corruption | high |
2022-05-24T00:00:00
(2 years ago) |
|
| Fixed | >= 1.10.5 |
CVE-2019-5815
|
RUBYSEC:NOKOGIRI-2019-5815
|
Nokogiri implementation of libxslt vulnerable to heap corruption | high |
2022-05-24T00:00:00
(2 years ago) |
|
| Affected | < 1.11.0.rc4 |
CVE-2020-26247
|
RUBYSEC:NOKOGIRI-2020-26247
|
Nokogiri::XML::Schema trusts input by default, exposing risk of an XXE vulnerability | low |
2020-12-30T00:00:00
(3 years ago) |
|
| Fixed | >= 1.11.0.rc4 |
CVE-2020-26247
|
RUBYSEC:NOKOGIRI-2020-26247
|
Nokogiri::XML::Schema trusts input by default, exposing risk of an XXE vulnerability | low |
2020-12-30T00:00:00
(3 years ago) |
|
| Affected | < 1.10.8 |
CVE-2020-7595
|
RUBYSEC:NOKOGIRI-2020-7595
|
libxml2 2.9.10 has an infinite loop in a certain end-of-file situation | high |
2020-02-12T00:00:00
(4 years ago) |
|
| Fixed | >= 1.10.8 |
CVE-2020-7595
|
RUBYSEC:NOKOGIRI-2020-7595
|
libxml2 2.9.10 has an infinite loop in a certain end-of-file situation | high |
2020-02-12T00:00:00
(4 years ago) |
|
| Affected | < 1.13.2 |
CVE-2021-30560
CVE-2022-23308 |
RUBYSEC:NOKOGIRI-2021-30560
|
Update packaged libxml2 (2.9.12 → 2.9.13) and libxslt (1.1.34 → 1.1.35) | high |
2022-02-21T00:00:00
(2 years ago) |
|
| Fixed | >= 1.13.2 |
CVE-2021-30560
CVE-2022-23308 |
RUBYSEC:NOKOGIRI-2021-30560
|
Update packaged libxml2 (2.9.12 → 2.9.13) and libxslt (1.1.34 → 1.1.35) | high |
2022-02-21T00:00:00
(2 years ago) |
|
| Affected | < 1.11.4 |
CVE-2021-3517
|
RUBYSEC:NOKOGIRI-2021-3517
|
Nokogiri contains libxml Out-of-bounds Write vulnerability | high |
2022-05-24T00:00:00
(2 years ago) |
|
| Fixed | >= 1.11.4 |
CVE-2021-3517
|
RUBYSEC:NOKOGIRI-2021-3517
|
Nokogiri contains libxml Out-of-bounds Write vulnerability | high |
2022-05-24T00:00:00
(2 years ago) |
|
| Affected | < 1.11.4 |
CVE-2021-3518
|
RUBYSEC:NOKOGIRI-2021-3518
|
Nokogiri Implements libxml2 version vulnerable to use-after-free | high |
2022-05-24T00:00:00
(2 years ago) |
|
| Fixed | >= 1.11.4 |
CVE-2021-3518
|
RUBYSEC:NOKOGIRI-2021-3518
|
Nokogiri Implements libxml2 version vulnerable to use-after-free | high |
2022-05-24T00:00:00
(2 years ago) |
|
| Affected | < 1.11.4 |
CVE-2021-3537
|
RUBYSEC:NOKOGIRI-2021-3537
|
Nokogiri Implements libxml2 version vulnerable to null pointer dereferencing | medium |
2022-05-24T00:00:00
(2 years ago) |
|
| Fixed | >= 1.11.4 |
CVE-2021-3537
|
RUBYSEC:NOKOGIRI-2021-3537
|
Nokogiri Implements libxml2 version vulnerable to null pointer dereferencing | medium |
2022-05-24T00:00:00
(2 years ago) |
|
| Affected | < 1.12.5 |
CVE-2021-41098
|
RUBYSEC:NOKOGIRI-2021-41098
|
Improper Restriction of XML External Entity Reference (XXE) in Nokogiri on JRuby | high |
2021-09-27T00:00:00
(3 years ago) |
|
| Fixed | >= 1.12.5 |
CVE-2021-41098
|
RUBYSEC:NOKOGIRI-2021-41098
|
Improper Restriction of XML External Entity Reference (XXE) in Nokogiri on JRuby | high |
2021-09-27T00:00:00
(3 years ago) |
|
| Affected | < 1.13.4 |
CVE-2022-23437
|
RUBYSEC:NOKOGIRI-2022-23437
|
XML Injection in Xerces Java affects Nokogiri | medium |
2022-04-11T00:00:00
(2 years ago) |
|
| Fixed | >= 1.13.4 |
CVE-2022-23437
|
RUBYSEC:NOKOGIRI-2022-23437
|
XML Injection in Xerces Java affects Nokogiri | medium |
2022-04-11T00:00:00
(2 years ago) |
|
| Affected | < 1.13.10 |
CVE-2022-23476
|
RUBYSEC:NOKOGIRI-2022-23476
|
Unchecked return value from xmlTextReaderExpand | high |
2022-12-07T00:00:00
(21 months ago) |
|
| Fixed | >= 1.13.10 |
CVE-2022-23476
|
RUBYSEC:NOKOGIRI-2022-23476
|
Unchecked return value from xmlTextReaderExpand | high |
2022-12-07T00:00:00
(21 months ago) |
|
| Unaffected | <= 1.13.7 |
CVE-2022-23476
|
RUBYSEC:NOKOGIRI-2022-23476
|
Unchecked return value from xmlTextReaderExpand | high |
2022-12-07T00:00:00
(21 months ago) |
|
| Affected | < 1.13.4 |
CVE-2022-24836
|
RUBYSEC:NOKOGIRI-2022-24836
|
Inefficient Regular Expression Complexity in Nokogiri | high |
2022-04-11T00:00:00
(2 years ago) |
|
| Fixed | >= 1.13.4 |
CVE-2022-24836
|
RUBYSEC:NOKOGIRI-2022-24836
|
Inefficient Regular Expression Complexity in Nokogiri | high |
2022-04-11T00:00:00
(2 years ago) |
|
| Affected | < 1.13.4 |
CVE-2022-24839
|
RUBYSEC:NOKOGIRI-2022-24839
|
Denial of Service (DoS) in Nokogiri on JRuby | high |
2022-04-11T00:00:00
(2 years ago) |
|
| Fixed | >= 1.13.4 |
CVE-2022-24839
|
RUBYSEC:NOKOGIRI-2022-24839
|
Denial of Service (DoS) in Nokogiri on JRuby | high |
2022-04-11T00:00:00
(2 years ago) |
|
| Affected | < 1.13.6 |
CVE-2022-29181
|
RUBYSEC:NOKOGIRI-2022-29181
|
Improper Handling of Unexpected Data Type in Nokogiri | high |
2022-05-23T00:00:00
(2 years ago) |
|
| Fixed | >= 1.13.6 |
CVE-2022-29181
|
RUBYSEC:NOKOGIRI-2022-29181
|
Improper Handling of Unexpected Data Type in Nokogiri | high |
2022-05-23T00:00:00
(2 years ago) |
|
| Affected | < 1.13.9 |
CVE-2022-2309
CVE-2022-40303 CVE-2022-40304 |
RUBYSEC:NOKOGIRI-2QC6-MCVW-92CW
|
Update bundled libxml2 to v2.10.3 to resolve multiple CVEs | high |
2022-10-18T00:00:00
(23 months ago) |
|
| Fixed | >= 1.13.9 |
CVE-2022-2309
CVE-2022-40303 CVE-2022-40304 |
RUBYSEC:NOKOGIRI-2QC6-MCVW-92CW
|
Update bundled libxml2 to v2.10.3 to resolve multiple CVEs | high |
2022-10-18T00:00:00
(23 months ago) |
|
| Affected | < 1.11.4 |
CVE-2019-20388
CVE-2020-24977 CVE-2020-7595 CVE-2021-3516 CVE-2021-3517 CVE-2021-3518 CVE-2021-3537 CVE-2021-3541 |
RUBYSEC:NOKOGIRI-7RRM-V45F-JP64
|
Update packaged dependency libxml2 from 2.9.10 to 2.9.12 | high |
2021-05-17T00:00:00
(3 years ago) |
|
| Fixed | >= 1.11.4 |
CVE-2019-20388
CVE-2020-24977 CVE-2020-7595 CVE-2021-3516 CVE-2021-3517 CVE-2021-3518 CVE-2021-3537 CVE-2021-3541 |
RUBYSEC:NOKOGIRI-7RRM-V45F-JP64
|
Update packaged dependency libxml2 from 2.9.10 to 2.9.12 | high |
2021-05-17T00:00:00
(3 years ago) |
|
| Affected | < 1.13.5 |
CVE-2022-29824
|
RUBYSEC:NOKOGIRI-CGX6-HPWQ-FHV5
|
Integer Overflow or Wraparound in libxml2 affects Nokogiri | high |
2022-05-18T00:00:00
(2 years ago) |
|
| Fixed | >= 1.13.5 |
CVE-2022-29824
|
RUBYSEC:NOKOGIRI-CGX6-HPWQ-FHV5
|
Integer Overflow or Wraparound in libxml2 affects Nokogiri | high |
2022-05-18T00:00:00
(2 years ago) |
|
| Affected | < 1.14.3 |
CVE-2023-28484
CVE-2023-29469 |
RUBYSEC:NOKOGIRI-PXVG-2QJ5-37JQ
|
Update packaged libxml2 to v2.10.4 to resolve multiple CVEs | medium |
2023-04-11T00:00:00
(17 months ago) |
|
| Fixed | >= 1.14.3 |
CVE-2023-28484
CVE-2023-29469 |
RUBYSEC:NOKOGIRI-PXVG-2QJ5-37JQ
|
Update packaged libxml2 to v2.10.4 to resolve multiple CVEs | medium |
2023-04-11T00:00:00
(17 months ago) |
|
| Affected | < 1.16.5 |
RUBYSEC:NOKOGIRI-R95H-9X8F-R3F7
|
Nokogiri updates packaged libxml2 to v2.12.7 to resolve CVE-2024-34459 |
2024-05-13T00:00:00
(4 months ago) |
|||
| Fixed | >= 1.16.5 |
RUBYSEC:NOKOGIRI-R95H-9X8F-R3F7
|
Nokogiri updates packaged libxml2 to v2.12.7 to resolve CVE-2024-34459 |
2024-05-13T00:00:00
(4 months ago) |
|||
| Affected | < 1.16.2 |
CVE-2024-25062
|
RUBYSEC:NOKOGIRI-XC9X-JJ77-9P9J
|
Use-after-free in libxml2 via Nokogiri::XML::Reader | high |
2024-02-04T00:00:00
(7 months ago) |
|
| Fixed | = 1.15.6 >= 1.16.2 |
CVE-2024-25062
|
RUBYSEC:NOKOGIRI-XC9X-JJ77-9P9J
|
Use-after-free in libxml2 via Nokogiri::XML::Reader | high |
2024-02-04T00:00:00
(7 months ago) |