rubygem-nokogiri (SUSE:OpenStack Cloud 7) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:OpenStack Cloud 7 package rubygem-nokogiri, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (2)
CVE-2019-5477 — CVSS 9.8 (critical): A command injection vulnerability in Nokogiri v1.10.3 and earlier allows commands to be executed in a subprocess via Ruby's `Kernel.open`…
CVE-2020-26247 — CVSS 2.6 (low): Nokogiri is a Rubygem providing HTML, XML, SAX, and Reader parsers with XPath and CSS selector support. In Nokogiri before version…