Search for packages
Package details: pkg:gem/nokogiri@1.1.28
purl pkg:gem/nokogiri@1.1.28
Tags Ghost
Next non-vulnerable version 1.18.8
Latest non-vulnerable version 1.18.8
Risk 4.0
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-qhdd-7fbe-aaas
Aliases:
CVE-2016-1683
Improper Restriction of Operations within the Bounds of a Memory Buffer nokogiri mishandles namespace nodes, which allows remote attackers to cause a denial of service (out-of-bounds heap memory access) or possibly have unspecified other impact via a crafted document.
1.2.0
Affected by 60 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2024-09-17T22:47:38.068212+00:00 GitLab Importer Affected by VCID-qhdd-7fbe-aaas https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/nokogiri/CVE-2016-1683.yml 34.0.1
2024-01-03T18:08:43.634262+00:00 GitLab Importer Affected by VCID-qhdd-7fbe-aaas https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/nokogiri/CVE-2016-1683.yml 34.0.0rc1