Vulnerabilities > Nokogiri > Nokogiri > 1.2.1

DATE CVE VULNERABILITY TITLE RISK
2022-05-20 CVE-2022-29181 Nokogiri is an open source XML and HTML library for Ruby.
network
low complexity
nokogiri apple
8.2
2022-04-11 CVE-2022-24836 Nokogiri is an open source XML and HTML library for Ruby.
network
low complexity
nokogiri fedoraproject debian apple
7.5
2022-03-25 CVE-2018-25032 Out-of-bounds Write vulnerability in multiple products
zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.
7.5
2021-09-27 CVE-2021-41098 Unspecified vulnerability in Nokogiri
Nokogiri is a Rubygem providing HTML, XML, SAX, and Reader parsers with XPath and CSS selector support.
network
low complexity
nokogiri
7.5
2020-12-30 CVE-2020-26247 XXE vulnerability in multiple products
Nokogiri is a Rubygem providing HTML, XML, SAX, and Reader parsers with XPath and CSS selector support.
network
low complexity
nokogiri debian CWE-611
4.3
2020-02-19 CVE-2012-6685 XML Entity Expansion vulnerability in multiple products
Nokogiri before 1.5.4 is vulnerable to XXE attacks
network
low complexity
nokogiri redhat CWE-776
7.5
2019-08-16 CVE-2019-5477 OS Command Injection vulnerability in multiple products
A command injection vulnerability in Nokogiri v1.10.3 and earlier allows commands to be executed in a subprocess via Ruby's `Kernel.open` method.
network
low complexity
nokogiri canonical debian CWE-78
critical
9.8