Описание
Nokogiri gem 1.5.x has Denial of Service via infinite loop when parsing XML documents
Ссылки
- Mailing ListThird Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- ExploitIssue TrackingPatchThird Party Advisory
- Issue TrackingThird Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- Mailing ListThird Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- ExploitIssue TrackingPatchThird Party Advisory
- Issue TrackingThird Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 1.5.0 (включая) до 1.5.11 (исключая)Версия от 1.6.0 (включая) до 1.6.1 (исключая)
Одно из
cpe:2.3:a:nokogiri:nokogiri:*:*:*:*:*:*:*:*
cpe:2.3:a:nokogiri:nokogiri:*:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
Конфигурация 3
Одно из
cpe:2.3:a:redhat:cloudforms_management_engine:5.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack:3.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack:4.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:satellite:6.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:subscription_asset_manager:-:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_mrg:2.0:*:*:*:*:*:*:*
EPSS
Процентиль: 85%
0.02521
Низкий
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-776
Связанные уязвимости
CVSS3: 6.5
ubuntu
больше 6 лет назад
Nokogiri gem 1.5.x has Denial of Service via infinite loop when parsing XML documents
redhat
около 12 лет назад
Nokogiri gem 1.5.x has Denial of Service via infinite loop when parsing XML documents
CVSS3: 6.5
debian
больше 6 лет назад
Nokogiri gem 1.5.x has Denial of Service via infinite loop when parsin ...
CVSS3: 6.5
github
почти 4 года назад
Nokogiri vulnerable to DoS while parsing XML documents
EPSS
Процентиль: 85%
0.02521
Низкий
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-776