Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:OpenStack Cloud Crowbar 8 package rubygem-nokogiri, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (4)
CVE-2019-5477 — CVSS 9.8 (critical): A command injection vulnerability in Nokogiri v1.10.3 and earlier allows commands to be executed in a subprocess via Ruby's `Kernel.open`…
CVE-2022-29181 — CVSS 8.2 (high): Nokogiri is an open source XML and HTML library for Ruby. Nokogiri prior to version 1.13.6 does not type-check all inputs into the XML and…
CVE-2022-24836 — CVSS 7.5 (high): Nokogiri is an open source XML and HTML library for Ruby. Nokogiri `< v1.13.4` contains an inefficient regular expression that is…
CVE-2020-26247 — CVSS 2.6 (low): Nokogiri is a Rubygem providing HTML, XML, SAX, and Reader parsers with XPath and CSS selector support. In Nokogiri before version…