{"url":"http://public2.vulnerablecode.io/api/packages/102681?format=json","purl":"pkg:deb/debian/ruby-nokogiri@1.13.10%2Bdfsg-2?distro=trixie","type":"deb","namespace":"debian","name":"ruby-nokogiri","version":"1.13.10+dfsg-2","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"1.18.2+dfsg-1","latest_non_vulnerable_version":"1.19.1+dfsg-1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/197186?format=json","vulnerability_id":"VCID-2vtx-kt21-wuac","summary":"xml external entity injection","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41098.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41098.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-41098","reference_id":"","reference_type":"","scores":[{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48698","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-41098"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2021-41098.yml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2021-41098.yml"},{"reference_url":"https://github.com/sparklemotion/nokogiri","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri"},{"reference_url":"https://github.com/sparklemotion/nokogiri/commit/5bf729ff3cc84709ee3c3248c981584088bf9f6d","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri/commit/5bf729ff3cc84709ee3c3248c981584088bf9f6d"},{"reference_url":"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-2rr5-8q37-2w7h","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":""},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-2rr5-8q37-2w7h"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-41098","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-41098"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2008914","reference_id":"2008914","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2008914"},{"reference_url":"https://security.archlinux.org/AVG-2424","reference_id":"AVG-2424","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2424"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/102686?format=json","purl":"pkg:deb/debian/ruby-nokogiri@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102683?format=json","purl":"pkg:deb/debian/ruby-nokogiri@1.11.1%2Bdfsg-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-g8h5-nbxj-y7fe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@1.11.1%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102681?format=json","purl":"pkg:deb/debian/ruby-nokogiri@1.13.10%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@1.13.10%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102685?format=json","purl":"pkg:deb/debian/ruby-nokogiri@1.18.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@1.18.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102684?format=json","purl":"pkg:deb/debian/ruby-nokogiri@1.19.1%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@1.19.1%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2021-41098","GHSA-2rr5-8q37-2w7h"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2vtx-kt21-wuac"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/163827?format=json","vulnerability_id":"VCID-47qk-3n97-wfb7","summary":"Nokogiri is an open source XML and HTML library for the Ruby programming language. Nokogiri `1.13.8` and `1.13.9` fail to check the return value from `xmlTextReaderExpand` in the method `Nokogiri::XML::Reader#attribute_hash`. This can lead to a null pointer exception when invalid markup is being parsed. For applications using `XML::Reader` to parse untrusted inputs, this may potentially be a vector for a denial of service attack. Users are advised to upgrade to Nokogiri `>= 1.13.10`. Users may be able to search their code for calls to either `XML::Reader#attributes` or `XML::Reader#attribute_hash` to determine if they are affected.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23476.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23476.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-23476","reference_id":"","reference_type":"","scores":[{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50808","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-23476"},{"reference_url":"https://github.com/sparklemotion/nokogiri","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2153279","reference_id":"2153279","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2153279"},{"reference_url":"https://github.com/sparklemotion/nokogiri/commit/85410e38410f670cbbc8c5b00d07b843caee88ce","reference_id":"85410e38410f670cbbc8c5b00d07b843caee88ce","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:48:08Z/"}],"url":"https://github.com/sparklemotion/nokogiri/commit/85410e38410f670cbbc8c5b00d07b843caee88ce"},{"reference_url":"https://github.com/sparklemotion/nokogiri/commit/9fe0761c47c0d4270d1a5220cfd25de080350d50","reference_id":"9fe0761c47c0d4270d1a5220cfd25de080350d50","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:48:08Z/"}],"url":"https://github.com/sparklemotion/nokogiri/commit/9fe0761c47c0d4270d1a5220cfd25de080350d50"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-23476","reference_id":"CVE-2022-23476","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-23476"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2022-23476.yml","reference_id":"CVE-2022-23476.YML","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2022-23476.yml"},{"reference_url":"https://github.com/advisories/GHSA-qv4q-mr5r-qprj","reference_id":"GHSA-qv4q-mr5r-qprj","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-qv4q-mr5r-qprj"},{"reference_url":"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-qv4q-mr5r-qprj","reference_id":"GHSA-qv4q-mr5r-qprj","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":""},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:48:08Z/"}],"url":"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-qv4q-mr5r-qprj"},{"reference_url":"https://security.gentoo.org/glsa/202408-13","reference_id":"GLSA-202408-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202408-13"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/102686?format=json","purl":"pkg:deb/debian/ruby-nokogiri@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102683?format=json","purl":"pkg:deb/debian/ruby-nokogiri@1.11.1%2Bdfsg-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-g8h5-nbxj-y7fe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@1.11.1%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102689?format=json","purl":"pkg:deb/debian/ruby-nokogiri@1.13.10%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@1.13.10%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102681?format=json","purl":"pkg:deb/debian/ruby-nokogiri@1.13.10%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@1.13.10%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102685?format=json","purl":"pkg:deb/debian/ruby-nokogiri@1.18.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@1.18.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102684?format=json","purl":"pkg:deb/debian/ruby-nokogiri@1.19.1%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@1.19.1%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2022-23476","GHSA-qv4q-mr5r-qprj"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-47qk-3n97-wfb7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/209272?format=json","vulnerability_id":"VCID-7qnq-6za5-6ubz","summary":"Nokogiri vulnerable to DoS while parsing XML documents","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6460.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6460.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-6460","reference_id":"","reference_type":"","scores":[{"value":"0.02521","scoring_system":"epss","scoring_elements":"0.85738","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-6460"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-6460","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-6460"},{"reference_url":"https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-6460","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-6460"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/90058","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/90058"},{"reference_url":"https://github.com/sparklemotion/nokogiri","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri"},{"reference_url":"https://web.archive.org/web/20200229074427/https://www.securityfocus.com/bid/64513","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20200229074427/https://www.securityfocus.com/bid/64513"},{"reference_url":"https://web.archive.org/web/20200229074427/https://www.securityfocus.com/bid/64513/","reference_id":"","reference_type":"","scores":[],"url":"https://web.archive.org/web/20200229074427/https://www.securityfocus.com/bid/64513/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2013/12/27/2","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2013/12/27/2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1046663","reference_id":"1046663","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1046663"},{"reference_url":"https://access.redhat.com/security/cve/cve-2013-6460","reference_id":"CVE-2013-6460","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/security/cve/cve-2013-6460"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-6460","reference_id":"CVE-2013-6460","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":""},{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-6460"},{"reference_url":"https://security-tracker.debian.org/tracker/CVE-2013-6460","reference_id":"CVE-2013-6460","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security-tracker.debian.org/tracker/CVE-2013-6460"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2013-6460.yml","reference_id":"CVE-2013-6460.YML","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2013-6460.yml"},{"reference_url":"https://github.com/advisories/GHSA-62qp-3fxm-9wxf","reference_id":"GHSA-62qp-3fxm-9wxf","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-62qp-3fxm-9wxf"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/102686?format=json","purl":"pkg:deb/debian/ruby-nokogiri@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102683?format=json","purl":"pkg:deb/debian/ruby-nokogiri@1.11.1%2Bdfsg-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-g8h5-nbxj-y7fe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@1.11.1%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102681?format=json","purl":"pkg:deb/debian/ruby-nokogiri@1.13.10%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@1.13.10%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102685?format=json","purl":"pkg:deb/debian/ruby-nokogiri@1.18.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@1.18.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102684?format=json","purl":"pkg:deb/debian/ruby-nokogiri@1.19.1%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@1.19.1%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2013-6460","GHSA-62qp-3fxm-9wxf","OSV-101179"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7qnq-6za5-6ubz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/202615?format=json","vulnerability_id":"VCID-b6fv-168m-27dn","summary":"Nokogiri before 1.5.4 is vulnerable to XXE attacks","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6685.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6685.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-6685","reference_id":"","reference_type":"","scores":[{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55742","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-6685"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1178970","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1178970"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6685","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6685"},{"reference_url":"https://github.com/sparklemotion/nokogiri","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri"},{"reference_url":"https://github.com/sparklemotion/nokogiri/issues/693","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri/issues/693"},{"reference_url":"https://nokogiri.org/CHANGELOG.html#154-2012-06-12","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nokogiri.org/CHANGELOG.html#154-2012-06-12"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-6685","reference_id":"CVE-2012-6685","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":""},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-6685"},{"reference_url":"https://github.com/advisories/GHSA-6wj9-77wq-jq7p","reference_id":"GHSA-6wj9-77wq-jq7p","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-6wj9-77wq-jq7p"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/102682?format=json","purl":"pkg:deb/debian/ruby-nokogiri@1.5.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@1.5.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102683?format=json","purl":"pkg:deb/debian/ruby-nokogiri@1.11.1%2Bdfsg-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-g8h5-nbxj-y7fe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@1.11.1%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102681?format=json","purl":"pkg:deb/debian/ruby-nokogiri@1.13.10%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@1.13.10%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102685?format=json","purl":"pkg:deb/debian/ruby-nokogiri@1.18.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@1.18.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102684?format=json","purl":"pkg:deb/debian/ruby-nokogiri@1.19.1%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@1.19.1%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2012-6685","GHSA-6wj9-77wq-jq7p","OSV-90946"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b6fv-168m-27dn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/25865?format=json","vulnerability_id":"VCID-dqqu-6pdz-d7ec","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6490","reference_id":"","reference_type":"","scores":[{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21788","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6490"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/sparklemotion/nokogiri","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"1.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-6490","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"1.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-6490"},{"reference_url":"https://github.com/sparklemotion/nokogiri/issues/3500","reference_id":"3500","reference_type":"","scores":[{"value":"1.7","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:OF/RC:C"},{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C"},{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C"},{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"1.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-23T16:34:29Z/"}],"url":"https://github.com/sparklemotion/nokogiri/issues/3500"},{"reference_url":"https://github.com/sparklemotion/nokogiri/pull/3524","reference_id":"3524","reference_type":"","scores":[{"value":"1.7","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:OF/RC:C"},{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C"},{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C"},{"value":"1.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-23T16:34:29Z/"}],"url":"https://github.com/sparklemotion/nokogiri/pull/3524"},{"reference_url":"https://github.com/sparklemotion/nokogiri/commit/ada4708e5a67114402cd3feb70a4e1d1d7cf773a","reference_id":"ada4708e5a67114402cd3feb70a4e1d1d7cf773a","reference_type":"","scores":[{"value":"1.7","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:OF/RC:C"},{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C"},{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C"},{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"1.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-23T16:34:29Z/"}],"url":"https://github.com/sparklemotion/nokogiri/commit/ada4708e5a67114402cd3feb70a4e1d1d7cf773a"},{"reference_url":"https://vuldb.com/?ctiid.313601","reference_id":"?ctiid.313601","reference_type":"","scores":[{"value":"1.7","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:OF/RC:C"},{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C"},{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C"},{"value":"1.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-23T16:34:29Z/"}],"url":"https://vuldb.com/?ctiid.313601"},{"reference_url":"https://vuldb.com/?id.313601","reference_id":"?id.313601","reference_type":"","scores":[{"value":"1.7","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:OF/RC:C"},{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C"},{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C"},{"value":"1.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-23T16:34:29Z/"}],"url":"https://vuldb.com/?id.313601"},{"reference_url":"https://github.com/user-attachments/files/19625432/nokogiri_crash.txt","reference_id":"nokogiri_crash.txt","reference_type":"","scores":[{"value":"1.7","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:OF/RC:C"},{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C"},{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C"},{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"1.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-23T16:34:29Z/"}],"url":"https://github.com/user-attachments/files/19625432/nokogiri_crash.txt"},{"reference_url":"https://vuldb.com/?submit.601005","reference_id":"?submit.601005","reference_type":"","scores":[{"value":"1.7","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:OF/RC:C"},{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C"},{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C"},{"value":"1.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-23T16:34:29Z/"}],"url":"https://vuldb.com/?submit.601005"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/102686?format=json","purl":"pkg:deb/debian/ruby-nokogiri@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102683?format=json","purl":"pkg:deb/debian/ruby-nokogiri@1.11.1%2Bdfsg-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-g8h5-nbxj-y7fe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@1.11.1%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102681?format=json","purl":"pkg:deb/debian/ruby-nokogiri@1.13.10%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@1.13.10%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102685?format=json","purl":"pkg:deb/debian/ruby-nokogiri@1.18.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@1.18.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102684?format=json","purl":"pkg:deb/debian/ruby-nokogiri@1.19.1%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@1.19.1%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2025-6490","GHSA-pf9w-gvcf-gv7m"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dqqu-6pdz-d7ec"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7116?format=json","vulnerability_id":"VCID-eqeg-fdfg-vyag","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-5477","reference_id":"","reference_type":"","scores":[{"value":"0.09316","scoring_system":"epss","scoring_elements":"0.92935","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-5477"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5477","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5477"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/sparklemotion/nokogiri","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri"},{"reference_url":"https://github.com/sparklemotion/nokogiri/commit/5d30128343573a9428c86efc758ba2c66e9f12dc","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri/commit/5d30128343573a9428c86efc758ba2c66e9f12dc"},{"reference_url":"https://github.com/sparklemotion/nokogiri/issues/1915","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":""},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri/issues/1915"},{"reference_url":"https://github.com/tenderlove/rexical/blob/master/CHANGELOG.rdoc","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tenderlove/rexical/blob/master/CHANGELOG.rdoc"},{"reference_url":"https://github.com/tenderlove/rexical/commit/a652474dbc66be350055db3e8f9b3a7b3fd75926","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":""},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tenderlove/rexical/commit/a652474dbc66be350055db3e8f9b3a7b3fd75926"},{"reference_url":"https://hackerone.com/reports/650835","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://hackerone.com/reports/650835"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/09/msg00027.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2019/09/msg00027.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/10/msg00018.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2022/10/msg00018.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/10/msg00019.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2022/10/msg00019.html"},{"reference_url":"https://usn.ubuntu.com/4175-1","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://usn.ubuntu.com/4175-1"},{"reference_url":"https://usn.ubuntu.com/4175-1/","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4175-1/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934802","reference_id":"934802","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934802"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=940905","reference_id":"940905","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=940905"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-5477","reference_id":"CVE-2019-5477","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-5477"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2019-5477.yml","reference_id":"CVE-2019-5477.YML","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2019-5477.yml"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rexical/CVE-2019-5477.yml","reference_id":"CVE-2019-5477.YML","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rexical/CVE-2019-5477.yml"},{"reference_url":"https://github.com/advisories/GHSA-cr5j-953j-xw5p","reference_id":"GHSA-cr5j-953j-xw5p","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-cr5j-953j-xw5p"},{"reference_url":"https://security.gentoo.org/glsa/202006-05","reference_id":"GLSA-202006-05","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202006-05"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/102687?format=json","purl":"pkg:deb/debian/ruby-nokogiri@1.10.4%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@1.10.4%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102683?format=json","purl":"pkg:deb/debian/ruby-nokogiri@1.11.1%2Bdfsg-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-g8h5-nbxj-y7fe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@1.11.1%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102681?format=json","purl":"pkg:deb/debian/ruby-nokogiri@1.13.10%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@1.13.10%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102685?format=json","purl":"pkg:deb/debian/ruby-nokogiri@1.18.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@1.18.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102684?format=json","purl":"pkg:deb/debian/ruby-nokogiri@1.19.1%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@1.19.1%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2019-5477","GHSA-cr5j-953j-xw5p"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eqeg-fdfg-vyag"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/11849?format=json","vulnerability_id":"VCID-g8h5-nbxj-y7fe","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29181.json","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29181.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-29181","reference_id":"","reference_type":"","scores":[{"value":"0.04183","scoring_system":"epss","scoring_elements":"0.88956","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-29181"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29181","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29181"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2022-29181.yml","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2022-29181.yml"},{"reference_url":"https://github.com/sparklemotion/nokogiri","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-29181","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-29181"},{"reference_url":"https://support.apple.com/kb/HT213532","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.apple.com/kb/HT213532"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2088684","reference_id":"2088684","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2088684"},{"reference_url":"https://github.com/sparklemotion/nokogiri/commit/83cc451c3f29df397caa890afc3b714eae6ab8f7","reference_id":"83cc451c3f29df397caa890afc3b714eae6ab8f7","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:19Z/"}],"url":"https://github.com/sparklemotion/nokogiri/commit/83cc451c3f29df397caa890afc3b714eae6ab8f7"},{"reference_url":"https://github.com/sparklemotion/nokogiri/commit/db05ba9a1bd4b90aa6c76742cf6102a7c7297267","reference_id":"db05ba9a1bd4b90aa6c76742cf6102a7c7297267","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:19Z/"}],"url":"https://github.com/sparklemotion/nokogiri/commit/db05ba9a1bd4b90aa6c76742cf6102a7c7297267"},{"reference_url":"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-xh29-r2w5-wx8m","reference_id":"GHSA-xh29-r2w5-wx8m","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3","scoring_elements":""},{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:19Z/"}],"url":"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-xh29-r2w5-wx8m"},{"reference_url":"https://securitylab.github.com/advisories/GHSL-2022-031_GHSL-2022-032_Nokogiri","reference_id":"GHSL-2022-031_GHSL-2022-032_Nokogiri","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:19Z/"}],"url":"https://securitylab.github.com/advisories/GHSL-2022-031_GHSL-2022-032_Nokogiri"},{"reference_url":"https://security.gentoo.org/glsa/202208-29","reference_id":"GLSA-202208-29","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202208-29"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8506","reference_id":"RHSA-2022:8506","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8506"},{"reference_url":"https://usn.ubuntu.com/7659-1/","reference_id":"USN-7659-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7659-1/"},{"reference_url":"https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.6","reference_id":"v1.13.6","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:19Z/"}],"url":"https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.6"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/102692?format=json","purl":"pkg:deb/debian/ruby-nokogiri@1.13.7%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@1.13.7%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102681?format=json","purl":"pkg:deb/debian/ruby-nokogiri@1.13.10%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@1.13.10%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102685?format=json","purl":"pkg:deb/debian/ruby-nokogiri@1.18.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@1.18.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102684?format=json","purl":"pkg:deb/debian/ruby-nokogiri@1.19.1%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@1.19.1%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2022-29181","GHSA-xh29-r2w5-wx8m"],"risk_score":3.7,"exploitability":"0.5","weighted_severity":"7.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g8h5-nbxj-y7fe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/25867?format=json","vulnerability_id":"VCID-gp1p-f3h7-pfen","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6494","reference_id":"","reference_type":"","scores":[{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21788","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6494"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/sparklemotion/nokogiri","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"1.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-6494","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"1.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-6494"},{"reference_url":"https://github.com/sparklemotion/nokogiri/issues/3508","reference_id":"3508","reference_type":"","scores":[{"value":"1.7","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:OF/RC:C"},{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C"},{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C"},{"value":"1.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-23T15:08:50Z/"}],"url":"https://github.com/sparklemotion/nokogiri/issues/3508"},{"reference_url":"https://github.com/sparklemotion/nokogiri/pull/3524","reference_id":"3524","reference_type":"","scores":[{"value":"1.7","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:OF/RC:C"},{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C"},{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C"},{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"1.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-23T15:08:50Z/"}],"url":"https://github.com/sparklemotion/nokogiri/pull/3524"},{"reference_url":"https://github.com/sparklemotion/nokogiri/commit/ada4708e5a67114402cd3feb70a4e1d1d7cf773a","reference_id":"ada4708e5a67114402cd3feb70a4e1d1d7cf773a","reference_type":"","scores":[{"value":"1.7","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:OF/RC:C"},{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C"},{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C"},{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"1.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-23T15:08:50Z/"}],"url":"https://github.com/sparklemotion/nokogiri/commit/ada4708e5a67114402cd3feb70a4e1d1d7cf773a"},{"reference_url":"https://vuldb.com/?ctiid.313611","reference_id":"?ctiid.313611","reference_type":"","scores":[{"value":"1.7","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:OF/RC:C"},{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C"},{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C"},{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"1.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-23T15:08:50Z/"}],"url":"https://vuldb.com/?ctiid.313611"},{"reference_url":"https://vuldb.com/?id.313611","reference_id":"?id.313611","reference_type":"","scores":[{"value":"1.7","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:OF/RC:C"},{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C"},{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C"},{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"1.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-23T15:08:50Z/"}],"url":"https://vuldb.com/?id.313611"},{"reference_url":"https://github.com/user-attachments/files/19825279/nokogiri_crash_2.txt","reference_id":"nokogiri_crash_2.txt","reference_type":"","scores":[{"value":"1.7","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:OF/RC:C"},{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C"},{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C"},{"value":"1.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-23T15:08:50Z/"}],"url":"https://github.com/user-attachments/files/19825279/nokogiri_crash_2.txt"},{"reference_url":"https://vuldb.com/?submit.601006","reference_id":"?submit.601006","reference_type":"","scores":[{"value":"1.7","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:OF/RC:C"},{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C"},{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C"},{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"1.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-23T15:08:50Z/"}],"url":"https://vuldb.com/?submit.601006"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/102686?format=json","purl":"pkg:deb/debian/ruby-nokogiri@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102683?format=json","purl":"pkg:deb/debian/ruby-nokogiri@1.11.1%2Bdfsg-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-g8h5-nbxj-y7fe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@1.11.1%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102681?format=json","purl":"pkg:deb/debian/ruby-nokogiri@1.13.10%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@1.13.10%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102685?format=json","purl":"pkg:deb/debian/ruby-nokogiri@1.18.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@1.18.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102684?format=json","purl":"pkg:deb/debian/ruby-nokogiri@1.19.1%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@1.19.1%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2025-6494","GHSA-jc9r-qcgw-fxq9"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gp1p-f3h7-pfen"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/8297?format=json","vulnerability_id":"VCID-hwva-pek4-5fb7","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-26247.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-26247.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26247","reference_id":"","reference_type":"","scores":[{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49615","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26247"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26247","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26247"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2020-26247.yml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2020-26247.yml"},{"reference_url":"https://github.com/sparklemotion/nokogiri","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri"},{"reference_url":"https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md#v1110--2021-01-03","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md#v1110--2021-01-03"},{"reference_url":"https://github.com/sparklemotion/nokogiri/commit/9c87439d9afa14a365ff13e73adc809cb2c3d97b","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri/commit/9c87439d9afa14a365ff13e73adc809cb2c3d97b"},{"reference_url":"https://github.com/sparklemotion/nokogiri/releases/tag/v1.11.0.rc4","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri/releases/tag/v1.11.0.rc4"},{"reference_url":"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-vr8q-g5c7-m54m","reference_id":"","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv3","scoring_elements":""},{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-vr8q-g5c7-m54m"},{"reference_url":"https://hackerone.com/reports/747489","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://hackerone.com/reports/747489"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/06/msg00007.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2021/06/msg00007.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/10/msg00018.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2022/10/msg00018.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-26247","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-26247"},{"reference_url":"https://rubygems.org/gems/nokogiri","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://rubygems.org/gems/nokogiri"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1912487","reference_id":"1912487","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1912487"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=978967","reference_id":"978967","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=978967"},{"reference_url":"https://security.gentoo.org/glsa/202208-29","reference_id":"GLSA-202208-29","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202208-29"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4702","reference_id":"RHSA-2021:4702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5191","reference_id":"RHSA-2021:5191","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5191"},{"reference_url":"https://usn.ubuntu.com/7659-1/","reference_id":"USN-7659-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7659-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/102688?format=json","purl":"pkg:deb/debian/ruby-nokogiri@1.11.1%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@1.11.1%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102683?format=json","purl":"pkg:deb/debian/ruby-nokogiri@1.11.1%2Bdfsg-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-g8h5-nbxj-y7fe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@1.11.1%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102681?format=json","purl":"pkg:deb/debian/ruby-nokogiri@1.13.10%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@1.13.10%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102685?format=json","purl":"pkg:deb/debian/ruby-nokogiri@1.18.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@1.18.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102684?format=json","purl":"pkg:deb/debian/ruby-nokogiri@1.19.1%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@1.19.1%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2020-26247","GHSA-vr8q-g5c7-m54m"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hwva-pek4-5fb7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/11616?format=json","vulnerability_id":"VCID-nscm-fqz2-fbge","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24836.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24836.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24836","reference_id":"","reference_type":"","scores":[{"value":"0.01827","scoring_system":"epss","scoring_elements":"0.83305","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24836"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24836","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24836"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/sparklemotion/nokogiri","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri"},{"reference_url":"https://github.com/sparklemotion/nokogiri/commit/e444525ef1634b675cd1cf52d39f4320ef0aecfd","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri/commit/e444525ef1634b675cd1cf52d39f4320ef0aecfd"},{"reference_url":"https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4"},{"reference_url":"https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ?utm_medium=email&utm_source=footer","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ?utm_medium=email&utm_source=footer"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/05/msg00013.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2022/05/msg00013.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/10/msg00018.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2022/10/msg00018.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6DHCOWMA5PQTIQIMDENA7R2Y5BDYAIYM","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6DHCOWMA5PQTIQIMDENA7R2Y5BDYAIYM"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6DHCOWMA5PQTIQIMDENA7R2Y5BDYAIYM/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6DHCOWMA5PQTIQIMDENA7R2Y5BDYAIYM/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OUPLBUZVM4WPFSXBEP2JS3R6LMKRTLFC","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OUPLBUZVM4WPFSXBEP2JS3R6LMKRTLFC"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OUPLBUZVM4WPFSXBEP2JS3R6LMKRTLFC/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OUPLBUZVM4WPFSXBEP2JS3R6LMKRTLFC/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XMDCWRQXJQ3TFSETPCEFMQ6RR6ME5UA3","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XMDCWRQXJQ3TFSETPCEFMQ6RR6ME5UA3"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XMDCWRQXJQ3TFSETPCEFMQ6RR6ME5UA3/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XMDCWRQXJQ3TFSETPCEFMQ6RR6ME5UA3/"},{"reference_url":"https://support.apple.com/kb/HT213532","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.apple.com/kb/HT213532"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009787","reference_id":"1009787","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009787"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2074346","reference_id":"2074346","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2074346"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-24836","reference_id":"CVE-2022-24836","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-24836"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2022-24836.yml","reference_id":"CVE-2022-24836.YML","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2022-24836.yml"},{"reference_url":"https://github.com/advisories/GHSA-crjr-9rc5-ghw8","reference_id":"GHSA-crjr-9rc5-ghw8","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-crjr-9rc5-ghw8"},{"reference_url":"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-crjr-9rc5-ghw8","reference_id":"GHSA-crjr-9rc5-ghw8","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":""},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-crjr-9rc5-ghw8"},{"reference_url":"https://security.gentoo.org/glsa/202208-29","reference_id":"GLSA-202208-29","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202208-29"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8506","reference_id":"RHSA-2022:8506","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8506"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/102683?format=json","purl":"pkg:deb/debian/ruby-nokogiri@1.11.1%2Bdfsg-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-g8h5-nbxj-y7fe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@1.11.1%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102691?format=json","purl":"pkg:deb/debian/ruby-nokogiri@1.11.1%2Bdfsg-2%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@1.11.1%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102690?format=json","purl":"pkg:deb/debian/ruby-nokogiri@1.13.5%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@1.13.5%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102681?format=json","purl":"pkg:deb/debian/ruby-nokogiri@1.13.10%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@1.13.10%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102685?format=json","purl":"pkg:deb/debian/ruby-nokogiri@1.18.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@1.18.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102684?format=json","purl":"pkg:deb/debian/ruby-nokogiri@1.19.1%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@1.19.1%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2022-24836","GHSA-crjr-9rc5-ghw8"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nscm-fqz2-fbge"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/209275?format=json","vulnerability_id":"VCID-xy21-uzq3-ebhu","summary":"Nokogiri vulnerable to DoS while parsing XML entities","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6461.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6461.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-6461","reference_id":"","reference_type":"","scores":[{"value":"0.02046","scoring_system":"epss","scoring_elements":"0.84225","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-6461"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-6461","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-6461"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/90059","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/90059"},{"reference_url":"https://github.com/sparklemotion/nokogiri","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri"},{"reference_url":"https://web.archive.org/web/20200804224345/https://www.securityfocus.com/bid/64513","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20200804224345/https://www.securityfocus.com/bid/64513"},{"reference_url":"http://www.openwall.com/lists/oss-security/2013/12/27/2","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2013/12/27/2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1046664","reference_id":"1046664","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1046664"},{"reference_url":"https://access.redhat.com/security/cve/cve-2013-6461","reference_id":"CVE-2013-6461","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/security/cve/cve-2013-6461"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-6461","reference_id":"CVE-2013-6461","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":""},{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-6461"},{"reference_url":"https://security-tracker.debian.org/tracker/CVE-2013-6461","reference_id":"CVE-2013-6461","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security-tracker.debian.org/tracker/CVE-2013-6461"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2013-6461.yml","reference_id":"CVE-2013-6461.YML","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2013-6461.yml"},{"reference_url":"https://github.com/advisories/GHSA-jmhh-w7xp-wg39","reference_id":"GHSA-jmhh-w7xp-wg39","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jmhh-w7xp-wg39"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/102686?format=json","purl":"pkg:deb/debian/ruby-nokogiri@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102683?format=json","purl":"pkg:deb/debian/ruby-nokogiri@1.11.1%2Bdfsg-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-g8h5-nbxj-y7fe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@1.11.1%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102681?format=json","purl":"pkg:deb/debian/ruby-nokogiri@1.13.10%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@1.13.10%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102685?format=json","purl":"pkg:deb/debian/ruby-nokogiri@1.18.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@1.18.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102684?format=json","purl":"pkg:deb/debian/ruby-nokogiri@1.19.1%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@1.19.1%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2013-6461","GHSA-jmhh-w7xp-wg39","OSV-101458"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xy21-uzq3-ebhu"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-nokogiri@1.13.10%252Bdfsg-2%3Fdistro=trixie"}