VDB

GCVE-VVD-MAGEIA-2022-200

GCVE-VVD-MAGEIA-2022-200
Advisory Published
Vulnetix · Advisory published May 22, 2022
Nokogiri did not type-check all inputs into the XML and HTML4 SAX parsers, allowing specially crafted untrusted inputs to cause illegal memory access errors (segfault) or reads from unrelated memory. Version 1.13.6 contains a patch for this issue. As a workaround, ensure the untrusted input is a 'String' by calling '#to_s' or equivalent.
Download JSON Open in Console

Affected Products

VendorProductVersionsPlatforms
Mageiaruby-nokogiri0 (affected), 1.11.7-1.1.mga8 (unaffected)

References

Updated ruby-nokogiri packages fix security vulnerability
advisory
Updated ruby-nokogiri packages fix security vulnerability
issue
Updated ruby-nokogiri packages fix security vulnerability
issue
Updated ruby-nokogiri packages fix security vulnerability
issue

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›