Search for packages
| purl | pkg:rpm/redhat/tfm-rubygem-nokogiri@1.13.8-1?arch=el8sat |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 4.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-9wgc-swf9-z7hq
Aliases: CVE-2022-24836 GHSA-crjr-9rc5-ghw8 |
Inefficient Regular Expression Complexity Nokogiri is an open source XML and HTML library for Ruby. Nokogiri `< v1.13.4` contains an inefficient regular expression that is susceptible to excessive backtracking when attempting to detect encoding in HTML documents. Users are advised to upgrade to Nokogiri `>= 1.13.4`. There are no known workarounds for this issue. | There are no reported fixed by versions. |
|
VCID-snr1-kaug-43aa
Aliases: CVE-2022-29181 GHSA-xh29-r2w5-wx8m |
Multiple vulnerabilities have been discovered in Nokogiri, the worst of which could result in denial of service. | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T13:59:00.554974+00:00 | RedHat Importer | Affected by | VCID-9wgc-swf9-z7hq | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24836.json | 38.0.0 |
| 2026-04-01T13:58:28.288100+00:00 | RedHat Importer | Affected by | VCID-snr1-kaug-43aa | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29181.json | 38.0.0 |