Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:alpm/archlinux/ruby-nokogiri@1.12.2-1
Typealpm
Namespacearchlinux
Nameruby-nokogiri
Version1.12.2-1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-8geh-vfns-pfgs
vulnerability_id VCID-8geh-vfns-pfgs
summary 
Improper Restriction of XML External Entity Reference
Nokogiri is a Rubygem providing HTML, XML, SAX, and Reader parsers with XPath and CSS selector support. In Nokogiri v1.12.4, on JRuby only, the SAX parser resolves external entities by default. Users of Nokogiri on JRuby who parse untrusted documents using any of these classes are affected: Nokogiri::XML::SAX::Parse, Nokogiri::HTML4::SAX::Parser or its alias Nokogiri::HTML::SAX::Parser, Nokogiri::XML::SAX::PushParser, and Nokogiri::HTML4::SAX::PushParser or its alias Nokogiri::HTML::SAX::PushParser. JRuby users should upgrade to Nokogiri.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41098.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41098.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41098
reference_id
reference_type
scores
0
value 0.00251
scoring_system epss
scoring_elements 0.48421
published_at 2026-05-14T12:55:00Z
1
value 0.00251
scoring_system epss
scoring_elements 0.48346
published_at 2026-05-12T12:55:00Z
2
value 0.00251
scoring_system epss
scoring_elements 0.48317
published_at 2026-05-11T12:55:00Z
3
value 0.00251
scoring_system epss
scoring_elements 0.48372
published_at 2026-05-09T12:55:00Z
4
value 0.00251
scoring_system epss
scoring_elements 0.48348
published_at 2026-05-07T12:55:00Z
5
value 0.00251
scoring_system epss
scoring_elements 0.48285
published_at 2026-05-05T12:55:00Z
6
value 0.00564
scoring_system epss
scoring_elements 0.68362
published_at 2026-04-07T12:55:00Z
7
value 0.00564
scoring_system epss
scoring_elements 0.68413
published_at 2026-04-08T12:55:00Z
8
value 0.00564
scoring_system epss
scoring_elements 0.6843
published_at 2026-04-09T12:55:00Z
9
value 0.00564
scoring_system epss
scoring_elements 0.68456
published_at 2026-04-11T12:55:00Z
10
value 0.00564
scoring_system epss
scoring_elements 0.68444
published_at 2026-04-12T12:55:00Z
11
value 0.00564
scoring_system epss
scoring_elements 0.68411
published_at 2026-04-13T12:55:00Z
12
value 0.00564
scoring_system epss
scoring_elements 0.68449
published_at 2026-04-16T12:55:00Z
13
value 0.00564
scoring_system epss
scoring_elements 0.68463
published_at 2026-04-18T12:55:00Z
14
value 0.00564
scoring_system epss
scoring_elements 0.68441
published_at 2026-04-21T12:55:00Z
15
value 0.00564
scoring_system epss
scoring_elements 0.68489
published_at 2026-04-24T12:55:00Z
16
value 0.00564
scoring_system epss
scoring_elements 0.68495
published_at 2026-04-26T12:55:00Z
17
value 0.00564
scoring_system epss
scoring_elements 0.68501
published_at 2026-04-29T12:55:00Z
18
value 0.00565
scoring_system epss
scoring_elements 0.68359
published_at 2026-04-01T12:55:00Z
19
value 0.00565
scoring_system epss
scoring_elements 0.68398
published_at 2026-04-04T12:55:00Z
20
value 0.00565
scoring_system epss
scoring_elements 0.68379
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41098
2
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2021-41098.yml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2021-41098.yml
3
reference_url https://github.com/sparklemotion/nokogiri
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/sparklemotion/nokogiri
4
reference_url https://github.com/sparklemotion/nokogiri/commit/5bf729ff3cc84709ee3c3248c981584088bf9f6d
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/sparklemotion/nokogiri/commit/5bf729ff3cc84709ee3c3248c981584088bf9f6d
5
reference_url https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-2rr5-8q37-2w7h
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-2rr5-8q37-2w7h
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2008914
reference_id 2008914
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2008914
7
reference_url https://security.archlinux.org/AVG-2424
reference_id AVG-2424
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2424
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41098
reference_id CVE-2021-41098
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-41098
9
reference_url https://github.com/advisories/GHSA-2rr5-8q37-2w7h
reference_id GHSA-2rr5-8q37-2w7h
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-2rr5-8q37-2w7h
fixed_packages
aliases CVE-2021-41098, GHSA-2rr5-8q37-2w7h
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8geh-vfns-pfgs
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/ruby-nokogiri@1.12.2-1