Search for vulnerabilities
Vulnerability details: VCID-unad-wpdw-jufv
Vulnerability ID VCID-unad-wpdw-jufv
Aliases CVE-2022-29181
GHSA-xh29-r2w5-wx8m
Summary Improper Handling of Unexpected Data Type in Nokogiri ### Summary Nokogiri `< v1.13.6` does not type-check all inputs into the XML and HTML4 SAX parsers. For CRuby users, this may allow specially crafted untrusted inputs to cause illegal memory access errors (segfault) or reads from unrelated memory. ### Severity The Nokogiri maintainers have evaluated this as **High 8.2** (CVSS3.1). ### Mitigation CRuby users should upgrade to Nokogiri `>= 1.13.6`. JRuby users are not affected. ### Workarounds To avoid this vulnerability in affected applications, ensure the untrusted input is a `String` by calling `#to_s` or equivalent.
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (4)
CWE-241 Improper Handling of Unexpected Data Type
CWE-843 Access of Resource Using Incompatible Type ('Type Confusion')
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
cvssv3 8.2 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29181.json
epss 0.06706 https://api.first.org/data/v1/epss?cve=CVE-2022-29181
epss 0.06706 https://api.first.org/data/v1/epss?cve=CVE-2022-29181
epss 0.06706 https://api.first.org/data/v1/epss?cve=CVE-2022-29181
epss 0.06706 https://api.first.org/data/v1/epss?cve=CVE-2022-29181
epss 0.06706 https://api.first.org/data/v1/epss?cve=CVE-2022-29181
epss 0.06706 https://api.first.org/data/v1/epss?cve=CVE-2022-29181
epss 0.06877 https://api.first.org/data/v1/epss?cve=CVE-2022-29181
epss 0.06877 https://api.first.org/data/v1/epss?cve=CVE-2022-29181
epss 0.06877 https://api.first.org/data/v1/epss?cve=CVE-2022-29181
epss 0.06877 https://api.first.org/data/v1/epss?cve=CVE-2022-29181
epss 0.06877 https://api.first.org/data/v1/epss?cve=CVE-2022-29181
epss 0.06877 https://api.first.org/data/v1/epss?cve=CVE-2022-29181
epss 0.06877 https://api.first.org/data/v1/epss?cve=CVE-2022-29181
epss 0.06877 https://api.first.org/data/v1/epss?cve=CVE-2022-29181
epss 0.06877 https://api.first.org/data/v1/epss?cve=CVE-2022-29181
epss 0.06877 https://api.first.org/data/v1/epss?cve=CVE-2022-29181
epss 0.06877 https://api.first.org/data/v1/epss?cve=CVE-2022-29181
epss 0.06877 https://api.first.org/data/v1/epss?cve=CVE-2022-29181
cvssv3.1 8.2 http://seclists.org/fulldisclosure/2022/Dec/23
generic_textual HIGH http://seclists.org/fulldisclosure/2022/Dec/23
cvssv3.1 7.1 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1_qr HIGH https://github.com/advisories/GHSA-xh29-r2w5-wx8m
cvssv3.1 8.2 https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2022-29181.yml
generic_textual HIGH https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2022-29181.yml
cvssv3.1 8.2 https://github.com/sparklemotion/nokogiri
generic_textual HIGH https://github.com/sparklemotion/nokogiri
cvssv3.1 8.2 https://github.com/sparklemotion/nokogiri/commit/83cc451c3f29df397caa890afc3b714eae6ab8f7
generic_textual HIGH https://github.com/sparklemotion/nokogiri/commit/83cc451c3f29df397caa890afc3b714eae6ab8f7
ssvc Track https://github.com/sparklemotion/nokogiri/commit/83cc451c3f29df397caa890afc3b714eae6ab8f7
cvssv3.1 8.2 https://github.com/sparklemotion/nokogiri/commit/db05ba9a1bd4b90aa6c76742cf6102a7c7297267
generic_textual HIGH https://github.com/sparklemotion/nokogiri/commit/db05ba9a1bd4b90aa6c76742cf6102a7c7297267
ssvc Track https://github.com/sparklemotion/nokogiri/commit/db05ba9a1bd4b90aa6c76742cf6102a7c7297267
cvssv3.1 8.2 https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.6
generic_textual HIGH https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.6
ssvc Track https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.6
cvssv3 8.2 https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-xh29-r2w5-wx8m
cvssv3.1 8.2 https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-xh29-r2w5-wx8m
cvssv3.1_qr HIGH https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-xh29-r2w5-wx8m
generic_textual HIGH https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-xh29-r2w5-wx8m
ssvc Track https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-xh29-r2w5-wx8m
cvssv2 6.4 https://nvd.nist.gov/vuln/detail/CVE-2022-29181
cvssv3.1 8.2 https://nvd.nist.gov/vuln/detail/CVE-2022-29181
generic_textual HIGH https://nvd.nist.gov/vuln/detail/CVE-2022-29181
cvssv3.1 8.2 https://security.gentoo.org/glsa/202208-29
generic_textual HIGH https://security.gentoo.org/glsa/202208-29
cvssv3.1 8.2 https://securitylab.github.com/advisories/GHSL-2022-031_GHSL-2022-032_Nokogiri
generic_textual HIGH https://securitylab.github.com/advisories/GHSL-2022-031_GHSL-2022-032_Nokogiri
ssvc Track https://securitylab.github.com/advisories/GHSL-2022-031_GHSL-2022-032_Nokogiri
cvssv3.1 8.2 https://support.apple.com/kb/HT213532
generic_textual HIGH https://support.apple.com/kb/HT213532
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29181.json
https://api.first.org/data/v1/epss?cve=CVE-2022-29181
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29181
http://seclists.org/fulldisclosure/2022/Dec/23
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2022-29181.yml
https://github.com/sparklemotion/nokogiri
https://github.com/sparklemotion/nokogiri/commit/83cc451c3f29df397caa890afc3b714eae6ab8f7
https://github.com/sparklemotion/nokogiri/commit/db05ba9a1bd4b90aa6c76742cf6102a7c7297267
https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.6
https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-xh29-r2w5-wx8m
https://nvd.nist.gov/vuln/detail/CVE-2022-29181
https://security.gentoo.org/glsa/202208-29
https://securitylab.github.com/advisories/GHSL-2022-031_GHSL-2022-032_Nokogiri
https://securitylab.github.com/advisories/GHSL-2022-031_GHSL-2022-032_Nokogiri/
https://support.apple.com/kb/HT213532
2088684 https://bugzilla.redhat.com/show_bug.cgi?id=2088684
cpe:2.3:a:nokogiri:nokogiri:*:*:*:*:*:ruby:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nokogiri:nokogiri:*:*:*:*:*:ruby:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
GHSA-xh29-r2w5-wx8m https://github.com/advisories/GHSA-xh29-r2w5-wx8m
RHSA-2022:8506 https://access.redhat.com/errata/RHSA-2022:8506
USN-7659-1 https://usn.ubuntu.com/7659-1/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29181.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H Found at http://seclists.org/fulldisclosure/2022/Dec/23
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H Found at https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2022-29181.yml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H Found at https://github.com/sparklemotion/nokogiri
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H Found at https://github.com/sparklemotion/nokogiri/commit/83cc451c3f29df397caa890afc3b714eae6ab8f7
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:19Z/ Found at https://github.com/sparklemotion/nokogiri/commit/83cc451c3f29df397caa890afc3b714eae6ab8f7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H Found at https://github.com/sparklemotion/nokogiri/commit/db05ba9a1bd4b90aa6c76742cf6102a7c7297267
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:19Z/ Found at https://github.com/sparklemotion/nokogiri/commit/db05ba9a1bd4b90aa6c76742cf6102a7c7297267
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H Found at https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.6
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:19Z/ Found at https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.6
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H Found at https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-xh29-r2w5-wx8m
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:19Z/ Found at https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-xh29-r2w5-wx8m
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2022-29181
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2022-29181
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H Found at https://security.gentoo.org/glsa/202208-29
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H Found at https://securitylab.github.com/advisories/GHSL-2022-031_GHSL-2022-032_Nokogiri
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:19Z/ Found at https://securitylab.github.com/advisories/GHSL-2022-031_GHSL-2022-032_Nokogiri
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H Found at https://support.apple.com/kb/HT213532
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.90844
EPSS Score 0.06706
Published At Aug. 12, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T08:04:56.523623+00:00 Ruby Importer Import https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2022-29181.yml 37.0.0