RubyGems / nokogiri

Nokogiri affected by libxslt Use of Uninitialized Resource/Use After Free vulnerability

Modified: 6/9/2026

Nokogiri Implements libxml2 version vulnerable to null pointer dereferencing

Modified: 2/20/2024

Update bundled libxml2 to v2.10.3 to resolve multiple CVEs

Modified: 12/2/2024

Improper Restriction of XML External Entity Reference (XXE) in Nokogiri on JRuby

Modified: 3/13/2026

Nokogiri patches vendored libxml2 to resolve multiple CVEs

Modified: 2/4/2026

Uninitialized read in Nokogiri gem

Modified: 6/10/2026

Nokogiri has vulnerable dependencies on libxml2 and libxslt

Modified: 2/16/2024

Nokogiri updates packaged libxml2 to v2.13.8 to resolve CVE-2025-32414 and CVE-2025-32415

Modified: 2/4/2026

Nokogiri vulnerable to DoS while parsing XML documents

Modified: 2/17/2024

Nokogiri NULL Pointer Dereference

Modified: 12/5/2025

Nokogiri is vulnerable to XML External Entity (XXE) attack

Modified: 11/8/2023

libxml as used in Nokogiri has an infinite loop in a certain end-of-file situation

Modified: 3/8/2024

Denial of service or RCE from libxml2 and libxslt

Modified: 2/16/2024

Nokogiri updates packaged dependency on libxml2 from 2.9.10 to 2.9.12

Modified: 11/30/2024

Uncontrolled resource consumption in nokogiri

Modified: 2/16/2024

Out-of-bounds read in nokogiri

Modified: 11/8/2023

Nokogiri CSS selector tokenizer has regular expression backtracking

Modified: 5/9/2026

libxslt Type Confusion vulnerability that affects Nokogiri

Modified: 6/9/2026

Integer Overflow or Wraparound in libxml2 affects Nokogiri

Modified: 12/7/2024

Nokogiri Command Injection Vulnerability

Modified: 2/18/2024

Nokogiri Inefficient Regular Expression Complexity

Modified: 2/16/2024

Vulnerable dependencies in Nokogiri

Modified: 12/5/2024

Nokogiri does not forbid namespace nodes in XPointer ranges

Modified: 2/16/2024

Denial of Service (DoS) in Nokogiri on JRuby

Modified: 12/5/2024

Nokogiri affected by zlib's Out-of-bounds Write vulnerability

Modified: 2/4/2026

Nokogiri vulnerable to DoS while parsing XML entities

Modified: 2/16/2024

Nokogiri contains libxml Out-of-bounds Write vulnerability

Modified: 3/8/2024

Heap-based buffer overflow in nokogiri

Modified: 12/8/2024

Nokogiri updates packaged libxslt to v1.1.43 to resolve multiple CVEs

Modified: 2/4/2026

Nokogiri implementation of libxslt lacks integer overflow checks

Modified: 2/16/2024

Nokogiri updates packaged libxml2 to v2.10.4 to resolve multiple CVEs

Modified: 12/4/2024

Nokogiri vulnerable to libxml XML Entity Expansion

Modified: 11/29/2024

Unchecked return value from xmlTextReaderExpand

Modified: 11/8/2023

Nokogiri vulnerable to libxslt protection mechanism bypass

Modified: 6/9/2026

Nokogiri gem, via libxml, is affected by DoS vulnerabilities

Modified: 2/16/2024

Nokogiri updates packaged libxml2 to v2.12.7 to resolve CVE-2024-34459

Modified: 2/4/2026

Nokogiri XSLT transform has a memory leak

Modified: 5/9/2026

Nokogiri Implements libxml2 version vulnerable to use-after-free

Modified: 3/9/2024

Out-of-bounds Write in zlib affects Nokogiri

Modified: 12/5/2024

Nokogiri implementation of libxslt vulnerable to heap corruption

Modified: 2/16/2024

Nokogiri::XML::Schema trusts input by default, exposing risk of XXE vulnerability

Modified: 3/13/2026

Nokogiri updates packaged libxml2 to 2.13.6 to resolve CVE-2025-24928 and CVE-2024-56171

Modified: 2/4/2026

Nokogiri does not check the return value from xmlC14NExecute

Modified: 2/25/2026

Nokogiri gem, via libxml, is affected by DoS vulnerabilities

Modified: 2/20/2024

Cross-site Scripting in loofah

Modified: 2/22/2024

Nokogiri update packaged libxml2 to v2.12.5 to resolve CVE-2024-25062

Modified: 2/4/2026

Nokogiri Improperly Handles Unexpected Data Type

Modified: 5/27/2025

Nokogiri subject to DoS via libxml2 vulnerability

Modified: 11/29/2024

XML Injection in Xerces Java affects Nokogiri

Modified: 12/5/2024