Homepage

nokogiri vulnerabilities

  • licenses detected

    • Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the nokogiri package. This does not include vulnerabilities belonging to this package’s dependencies.

    Fix vulnerabilities automatically

    Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

    Fix for free
    VulnerabilityVulnerable Version
    • H
    Out-of-bounds Read

    <1.18.9
    • H
    Expired Pointer Dereference

    <1.18.9
    • L
    Stack-based Buffer Overflow

    <1.18.9
    • H
    Stack-based Buffer Overflow

    <1.18.9
    • H
    Expired Pointer Dereference

    <1.18.9
    • L
    Buffer Under-read

    <1.18.8
    • M
    Use After Free

    <1.18.4
    • M
    Use After Free

    <1.18.4
    • H
    Use After Free

    <1.18.3
    • H
    Stack-based Buffer Overflow

    <1.18.3
    • L
    Cross-site Scripting (XSS)

    <1.15.7>=1.16.0.rc1, <1.16.8
    • H
    Heap-based Buffer Overflow

    <1.16.5
    • M
    Use After Free

    <1.15.6>=1.16.0, <1.16.2
    • M
    Access Control Bypass

    <1.10.3
    • H
    Unchecked Return Value

    >=1.13.8, <1.13.10
    • H
    NULL Pointer Dereference

    <1.13.9
    • H
    Improper Handling of Unexpected Data Type

    <1.13.6
    • H
    Out-of-bounds Write

    <1.13.4
    • H
    Regular Expression Denial of Service (ReDoS)

    <1.13.4
    • H
    Denial of Service (DoS)

    <1.13.4
    • H
    Use After Free

    <1.13.2
    • H
    XML External Entity (XXE) Injection

    <1.12.5
    • M
    Denial of Service (DoS)

    <1.8.2
    • H
    Denial of Service (DoS)

    <1.11.4
    • H
    Denial of Service (DoS)

    <1.11.4
    • H
    Denial of Service (DoS)

    <1.11.4
    • H
    Denial of Service (DoS)

    <1.11.4
    • H
    Denial of Service (DoS)

    <1.11.4
    • H
    Denial of Service (DoS)

    <1.11.4
    • L
    XML External Entity (XXE) Injection

    <1.11.0.rc4
    • H
    Denial of Service (DoS)

    <1.10.8
    • H
    Uncontrolled Memory Allocation

    <1.10.5
    • H
    Command Injection

    <1.10.4
    • H
    Denial of Service (DoS)

    <1.8.5
    • H
    Denial of Service (DoS)

    <1.8.2
    • H
    Denial of Service (DoS)

    <1.8.1
    • H
    Use of vulnerable libxml2

    <1.8.1
    • H
    Out of Bounds Memory Write

    <1.7.2
    • H
    Arbitrary Code Execution

    <1.7.2
    • H
    XML External Entity (XXE) Injection

    >=1.5.4, <1.8.3
    • H
    XML External Entity (XXE) Injection

    <1.5.4
    • H
    Arbitrary Code Execution

    >=1.6.0, <1.6.8
    • M
    Sensitive Information Exposure

    >=1.6.0, <1.6.7.2
    • M
    Denial of Service (DoS)

    >=1.6.0, <1.6.7.1
    • M
    Denial of Service (DoS)

    >=1.6.7.rc2, <1.6.7.rc4<1.6.6.4
    • M
    Denial of Service (DoS)

    <1.6.3
    • M
    XML External Entity (XXE) Injection

    >=1.6, <1.6.1<1.5.11
    • M
    Denial of Service (DoS)

    >=1.6, <1.6.1<1.5.11
    • M
    Information Exposure

    <1.5.4