Nokogiri is an open source XML and HTML library for Ruby. Nokogiri `< v1.13.4` contains an inefficient regular expression that is susceptible to excessive backtracking when attempting to detect encoding in HTML documents. Users are advised to upgrade to Nokogiri `>= 1.13.4`. There are no known workarounds for this issue.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
History
07 Nov 2023, 03:44
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
06 Jul 2023, 13:50
Type | Values Removed | Values Added |
---|---|---|
CWE |
Information
Published : 2022-04-11 22:15
Updated : 2024-02-28 19:09
NVD link : CVE-2022-24836
Mitre link : CVE-2022-24836
CVE.ORG link : CVE-2022-24836
JSON object : View
Products Affected
fedoraproject
- fedora
nokogiri
- nokogiri
apple
- macos
debian
- debian_linux