Search for packages
| purl | pkg:deb/debian/ruby-nokogiri@1.13.5%2Bdfsg-2~bpo11%2B1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-5g2v-sxrc-aaaf | Nokogiri is an open source XML and HTML library for Ruby. Nokogiri `< v1.13.4` contains an inefficient regular expression that is susceptible to excessive backtracking when attempting to detect encoding in HTML documents. Users are advised to upgrade to Nokogiri `>= 1.13.4`. There are no known workarounds for this issue. |
CVE-2022-24836
GHSA-crjr-9rc5-ghw8 |
| VCID-duvb-k7ce-aaar | Nokogiri is an open source XML and HTML library for Ruby. Nokogiri prior to version 1.13.6 does not type-check all inputs into the XML and HTML4 SAX parsers, allowing specially crafted untrusted inputs to cause illegal memory access errors (segfault) or reads from unrelated memory. Version 1.13.6 contains a patch for this issue. As a workaround, ensure the untrusted input is a `String` by calling `#to_s` or equivalent. |
CVE-2022-29181
GHSA-xh29-r2w5-wx8m |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-06-21T09:03:58.191842+00:00 | Debian Importer | Fixing | VCID-duvb-k7ce-aaar | None | 36.1.3 |
| 2025-06-21T06:42:43.989687+00:00 | Debian Importer | Fixing | VCID-5g2v-sxrc-aaaf | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |
| 2025-06-21T05:14:33.722565+00:00 | Debian Importer | Fixing | VCID-5g2v-sxrc-aaaf | None | 36.1.3 |
| 2025-06-20T19:59:04.436807+00:00 | Debian Importer | Fixing | VCID-duvb-k7ce-aaar | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |
| 2025-06-05T14:04:03.400792+00:00 | Debian Importer | Fixing | VCID-duvb-k7ce-aaar | https://security-tracker.debian.org/tracker/data/json | 36.1.0 |
| 2025-04-13T01:58:49.746570+00:00 | Debian Oval Importer | Fixing | VCID-5g2v-sxrc-aaaf | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-05T06:20:12.004674+00:00 | Debian Importer | Fixing | VCID-duvb-k7ce-aaar | None | 36.0.0 |
| 2025-04-05T03:58:20.187585+00:00 | Debian Importer | Fixing | VCID-5g2v-sxrc-aaaf | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-04-04T08:04:34.383545+00:00 | Debian Importer | Fixing | VCID-5g2v-sxrc-aaaf | None | 36.0.0 |
| 2025-04-03T23:03:06.559045+00:00 | Debian Importer | Fixing | VCID-duvb-k7ce-aaar | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-02-20T20:28:52.204239+00:00 | Debian Importer | Fixing | VCID-duvb-k7ce-aaar | https://security-tracker.debian.org/tracker/data/json | 35.1.0 |
| 2025-02-20T20:28:51.508032+00:00 | Debian Importer | Fixing | VCID-duvb-k7ce-aaar | None | 35.1.0 |
| 2025-02-20T18:28:17.202593+00:00 | Debian Importer | Fixing | VCID-5g2v-sxrc-aaaf | None | 35.1.0 |
| 2025-02-20T18:28:15.794163+00:00 | Debian Importer | Fixing | VCID-5g2v-sxrc-aaaf | https://security-tracker.debian.org/tracker/data/json | 35.1.0 |
| 2024-11-23T13:02:53.504636+00:00 | Debian Importer | Fixing | VCID-duvb-k7ce-aaar | https://security-tracker.debian.org/tracker/data/json | 35.0.0 |
| 2024-11-23T13:02:52.829932+00:00 | Debian Importer | Fixing | VCID-duvb-k7ce-aaar | None | 35.0.0 |
| 2024-10-10T10:51:19.363298+00:00 | Debian Importer | Fixing | VCID-duvb-k7ce-aaar | https://security-tracker.debian.org/tracker/data/json | 34.0.2 |
| 2024-10-10T10:51:18.666704+00:00 | Debian Importer | Fixing | VCID-duvb-k7ce-aaar | None | 34.0.2 |
| 2024-09-19T17:28:50.140033+00:00 | Debian Importer | Fixing | VCID-duvb-k7ce-aaar | https://security-tracker.debian.org/tracker/data/json | 34.0.1 |
| 2024-09-19T17:28:49.458014+00:00 | Debian Importer | Fixing | VCID-duvb-k7ce-aaar | None | 34.0.1 |
| 2024-04-25T14:25:04.595319+00:00 | Debian Importer | Fixing | VCID-duvb-k7ce-aaar | https://security-tracker.debian.org/tracker/data/json | 34.0.0rc4 |
| 2024-04-25T14:25:02.171781+00:00 | Debian Importer | Fixing | VCID-duvb-k7ce-aaar | None | 34.0.0rc4 |
| 2024-04-25T12:54:59.981349+00:00 | Debian Importer | Fixing | VCID-5g2v-sxrc-aaaf | None | 34.0.0rc4 |
| 2024-04-25T12:54:59.157379+00:00 | Debian Importer | Fixing | VCID-5g2v-sxrc-aaaf | https://security-tracker.debian.org/tracker/data/json | 34.0.0rc4 |
| 2024-01-11T16:01:27.783917+00:00 | Debian Importer | Fixing | VCID-duvb-k7ce-aaar | https://security-tracker.debian.org/tracker/data/json | 34.0.0rc2 |
| 2024-01-11T16:01:25.388124+00:00 | Debian Importer | Fixing | VCID-duvb-k7ce-aaar | None | 34.0.0rc2 |
| 2024-01-11T14:43:05.876184+00:00 | Debian Importer | Fixing | VCID-5g2v-sxrc-aaaf | https://security-tracker.debian.org/tracker/data/json | 34.0.0rc2 |
| 2024-01-11T14:43:04.284524+00:00 | Debian Importer | Fixing | VCID-5g2v-sxrc-aaaf | None | 34.0.0rc2 |
| 2024-01-05T01:23:59.279806+00:00 | Debian Importer | Fixing | VCID-duvb-k7ce-aaar | https://security-tracker.debian.org/tracker/data/json | 34.0.0rc1 |
| 2024-01-05T01:23:56.780102+00:00 | Debian Importer | Fixing | VCID-duvb-k7ce-aaar | None | 34.0.0rc1 |
| 2024-01-05T00:13:38.139455+00:00 | Debian Importer | Fixing | VCID-5g2v-sxrc-aaaf | https://security-tracker.debian.org/tracker/data/json | 34.0.0rc1 |
| 2024-01-05T00:13:36.408734+00:00 | Debian Importer | Fixing | VCID-5g2v-sxrc-aaaf | None | 34.0.0rc1 |