Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

rubygems nokogiri Security Advisories

Loading...
Low
GSA_kwCzR0hTQS1yOTVoLTl4OGYtcjNmN84AA74p
Nokogiri updates packaged libxml2 to v2.12.7 to resolve CVE-2024-34459
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS12Y2MzLXJ3NmYtanY5N84AA6Gq
Use-after-free in libxml2 via Nokogiri::XML::Reader
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
Moderate
GSA_kwCzR0hTQS14Yzl4LWpqNzctOXA5as4AA5Ek
Nokogiri update packaged libxml2 to v2.12.5 to resolve CVE-2024-25062
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 5 months ago
Moderate
GSA_kwCzR0hTQS1weHZnLTJxajUtMzdqcc4AAytn
Nokogiri updates packaged libxml2 to v2.10.4 to resolve multiple CVEs
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS1xdjRxLW1yNXItcXByas4AAwNH
Unchecked return value from xmlTextReaderExpand
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 45.3
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS0ycWM2LW1jdnctOTJjd84AAvaT
Update bundled libxml2 to v2.10.3 to resolve multiple CVEs
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS01OWdwLXFxbTctY3c0as4AApYf
Nokogiri has vulnerable dependencies on libxml2 and libxslt
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 53.1
Published: about 2 years ago
High
GSA_kwCzR0hTQS1qdzlmLWhoNDktY3ZwOc4AAoiz
Nokogiri contains libxml Out-of-bounds Write vulnerability
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 51.9
Published: about 2 years ago
High
GSA_kwCzR0hTQS12NGY4LTI4NDctcndtN84AAoiI
Nokogiri Implements libxml2 version vulnerable to use-after-free
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 53.1
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS0yODZ2LXBjZjUtMjVyY84AAof1
Nokogiri Implements libxml2 version vulnerable to null pointer dereferencing
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 35.6
Published: about 2 years ago
High
GSA_kwCzR0hTQS12bWZ4LWdjZnEtd3ZtMs4AAi6z
Nokogiri implementation of libxslt vulnerable to heap corruption
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 45.3
Published: about 2 years ago
High
GSA_kwCzR0hTQS0yNDJ4LTdjbTYtNHc4as4AAid7
Nokogiri affected by libxslt Use of Uninitialized Resource/Use After Free vulnerability
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 45.3
Published: about 2 years ago
High
GSA_kwCzR0hTQS1jZjQ2LTZ4eGgtcGM3Nc4AAhJV
libxslt Type Confusion vulnerability that affects Nokogiri
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 45.3
Published: about 2 years ago
High
GSA_kwCzR0hTQS00aG05LTg0NGotam14cM4AAhJW
Uninitialized read in Nokogiri gem
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS14aDI5LXIydzUtd3g4bc4AAgdN
Nokogiri Improperly Handles Unexpected Data Type
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 49.5
Published: about 2 years ago
High
GSA_kwCzR0hTQS1jZ3g2LWhwd3EtZmh2Nc4AAgZn
Integer Overflow or Wraparound in libxml2 affects Nokogiri
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 51.9
Published: about 2 years ago
High
GSA_kwCzR0hTQS1yNThyLTc0Z3gtNnd4M84AAVTq
Nokogiri gem, via libxml, is affected by DoS vulnerabilities
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 53.1
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS1xeGNnLXhqamctNjZtas4AAQF8
Nokogiri vulnerable to libxslt protection mechanism bypass
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 59.2
Published: about 2 years ago
High
GSA_kwCzR0hTQS14MmZtLTkzd3ctZ2d2eM3pEA
Nokogiri gem, via libxml, is affected by DoS vulnerabilities
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 45.3
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS02MnFwLTNmeG0tOXd4Zs3gJg
Nokogiri vulnerable to DoS while parsing XML documents
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 39.3
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1qbWhoLXc3eHAtd2czOc3gKA
Nokogiri vulnerable to DoS while parsing XML entities
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 39.3
Published: about 2 years ago
High
GSA_kwCzR0hTQS02d2o5LTc3d3EtanE3cM1Auw
Nokogiri is vulnerable to XML External Entity (XXE) attack
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 45.3
Published: about 2 years ago
High
GSA_kwCzR0hTQS1neDh4LWc4N20taDVxNs055Q
Denial of Service (DoS) in Nokogiri on JRuby
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 45.3
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS14eHg5LTN4Y3ItZ2pqM8055A
XML Injection in Xerces Java affects Nokogiri
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 39.3
Published: over 2 years ago
High
GSA_kwCzR0hTQS12NmdwLTltbW0tYzZwNc054w
Out-of-bounds Write in zlib affects Nokogiri
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 45.3
Published: over 2 years ago
High
GSA_kwCzR0hTQS1jcmpyLTlyYzUtZ2h3OM054g
Nokogiri Inefficient Regular Expression Complexity
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 45.3
Published: over 2 years ago
High
GSA_kwCzR0hTQS1qYzM2LTQyY2YtdnF3as018g
Nokogiri affected by zlib's Out-of-bounds Write vulnerability
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 45.3
Published: over 2 years ago
High
GSA_kwCzR0hTQS1mcTQyLWM1cmctOTJjMs0u1A
Vulnerable dependencies in Nokogiri
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
High
GSA_kwCzR0hTQS0ycnI1LThxMzctMnc3aM0V_Q
Improper Restriction of XML External Entity Reference (XXE) in Nokogiri on JRuby
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 45.3
Published: almost 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdycm0tdjQ1Zi1qcDY0
Nokogiri updates packaged dependency on libxml2 from 2.9.10 to 2.9.12
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZyOHEtZzVjNy1tNTRt
Nokogiri::XML::Schema trusts input by default, exposing risk of XXE vulnerability
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 26.0
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc1NTMtanI5OC12eDQ3
libxml as used in Nokogiri has an infinite loop in a certain end-of-file situation
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 45.3
Published: over 4 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNyNWotOTUzai14dzVw
Nokogiri Command Injection Vulnerability
Ecosystems: rubygems
Packages: rexical, nokogiri
Source: GitHub Advisory Database
Blast Radius: 59.2
Published: almost 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZxdnAtcjZyMy05cDdo
Nokogiri NULL Pointer Dereference
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 45.3
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWp4anItNWg2OS1xdzN3
Heap-based buffer overflow in nokogiri
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdocDIteHdwai05NWpx
Denial of service or RCE from libxml2 and libxslt
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 45.3
Published: almost 6 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZyNTItNGhxdy1wMjdm
Nokogiri does not forbid namespace nodes in XPointer ranges
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 59.2
Published: almost 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhqcWctOWp2Zy1mZ3gy
Nokogiri subject to DoS via libxml2 vulnerability
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXE3d3gtNjJyNy1qMng3
Nokogiri vulnerable to libxml XML Entity Expansion
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBmNm0tZnhwcS1mZzh2
Nokogiri implementation of libxslt lacks integer overflow checks
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 53.1
Published: almost 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg4MnAtanFnbS1mNDVn
Uncontrolled resource consumption in nokogiri
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 39.3
Published: about 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXg3cnYtY3I2di00dm00
Cross-site Scripting in loofah
Ecosystems: rubygems
Packages: nokogiri, loofah
Source: GitHub Advisory Database
Blast Radius: 36.8
Published: over 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThjNTYtY3Btdy04OXg3
Out-of-bounds read in nokogiri
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 45.3
Published: over 6 years ago
Statistics
Advisories: 19,479
Packages: 8,596
Repositories: 6
Ecosystems: 12
Filter by Package
actionpack 58 nokogiri 43 rubygems-update 25 rack 23 puppet 23 activerecord 21 publify_core 14 activesupport 14 passenger 13 actionview 12 rails 11 puma 11 fat_free_crm 10 jquery-rails 9 decidim 9 rails-html-sanitizer 9 jquery 8 org.webjars.npm:jquery 8 org.jruby:jruby-stdlib 7 jQuery 7 jQuery.UI.Combined 7 jquery-ui 7 jquery-ui-rails 7 org.webjars.npm:jquery-ui 7 camaleon_cms 6 katello 6 doorkeeper 6 ember-source 6 loofah 6 spree_auth_devise 5 bundler 5 spree 5 sidekiq 5 commonmarker 5 grpc 4 grpcio 4 rails_admin 4 avo 4 devise 4 carrierwave 4 mail 4 sanitize 4 webrick 4 sinatra 4 dragonfly 4 fluentd 4 activestorage 4 yard 3 cgi 3 resque 3 bootstrap 3 gollum 3 omniauth 3 rest-client 3 geminabox 3 bootstrap 3 private_address_check 3 chartkick 3 rubyzip 3 io.grpc:grpc-protobuf 3 rdoc 3 rack-cors 3 phlex 3 json-jwt 3 decidim-core 3 activeadmin 3 git 3 openssl 3 ruby-saml 3 faye 2 json 2 twitter-bootstrap-rails 2 logstash-core 2 redcarpet 2 facter 2 uri 2 httparty 2 VladTheEnterprising 2 omniauth-facebook 2 ox 2 echor 2 mini_magick 2 rexml 2 yajl-ruby 2 git-fastclone 2 spina 2 bson 2 net-ldap 2 kaminari 2 paperclip 2 user_agent_parser 2 pghero 2 devise-two-factor 2 secure_headers 2 pdfkit 2 cocoapods-downloader 2 solidus_frontend 2 radiant 2 field_test 2 qiita-markdown 2 kramdown 2 decidim-templates 2 sprockets 2 mechanize 2 pyarrow 2 safemode 2 red-arrow 2 mapbox.js 2 i18n 2 google-protobuf 2 com.google.protobuf:protobuf-kotlin 2 administrate 2 sup 2 pageflow 2 mapbox-rails 2 com.google.protobuf:protobuf-java 2 bootstrap-sass 2 decidim-admin 2 view_component 2 ruby-openid 2 solidus_core 2 actiontext 2 paratrooper-newrelic 1 octopoller 1 jmespath 1 trilogy 1 date 1 github.com/github/hub 1 hub 1 sentry-raven 1 websocket-extensions 1 ruby_parser 1 railties 1 foreman_ansible 1 gitlab-grit 1 geokit-rails 1 multi_xml 1 keynote 1 padrino-contrib 1 bolt 1 omniauth-microsoft_graph 1 lynx 1 rubocop 1 ruby-mysql 1 kafo 1 hammer_cli_foreman 1 jruby-openssl 1 redcloth 1 em-http-request 1 command_wrap 1 gtk2 1 rotp 1 @turbo-boost/commands 1 activejob 1 personnummer 1 turbo_boost-commands 1 kcapifony 1 brbackup 1 discordrb 1 rmagick 1 diffy 1 recurly 1 solidus_backend 1 md2pdf 1 sounder 1 ldap_fluff 1 resque-scheduler 1 xapian-core 1 mixlib-archive 1 rswag 1 pdf_info 1 inline_svg 1 foreman_fog_proxmox 1 message_bus 1 shrine 1 papercrop 1 omniauth-auth0 1 spree_api 1 omniauth-apple 1 asciidoctor 1 audited 1 govuk_tech_docs 1 oauth 1 clockwork_web 1 trestle-auth 1 point-cli 1 openshift-origin-node 1 decidim-system 1 lean-ruport 1 flash_tool 1 tweetstream 1 ftpd 1 twitter-stream 1 pysha3 1 better_errors 1 sha3 1 mongrel 1 unpoly-rails 1 cap-strap 1 ruby-jss 1