Описание
Nokogiri gem 1.5.x and 1.6.x has DoS while parsing XML entities by failing to apply limits
Ссылки
- Mailing ListThird Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- ExploitIssue TrackingThird Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- Mailing ListThird Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- ExploitIssue TrackingThird Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 1.5.0 (включая) до 1.5.11 (исключая)Версия от 1.6.0 (включая) до 1.6.1 (исключая)
Одно из
cpe:2.3:a:nokogiri:nokogiri:*:*:*:*:*:*:*:*
cpe:2.3:a:nokogiri:nokogiri:*:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
Конфигурация 3
Одно из
cpe:2.3:a:redhat:cloudforms_management_engine:5.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack:3.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack:4.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:satellite:6.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:subscription_asset_manager:-:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_mrg:2.0:*:*:*:*:*:*:*
EPSS
Процентиль: 83%
0.02046
Низкий
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-776
Связанные уязвимости
CVSS3: 6.5
ubuntu
больше 6 лет назад
Nokogiri gem 1.5.x and 1.6.x has DoS while parsing XML entities by failing to apply limits
redhat
около 12 лет назад
Nokogiri gem 1.5.x and 1.6.x has DoS while parsing XML entities by failing to apply limits
CVSS3: 6.5
debian
больше 6 лет назад
Nokogiri gem 1.5.x and 1.6.x has DoS while parsing XML entities by fai ...
CVSS3: 6.5
github
почти 4 года назад
Nokogiri vulnerable to DoS while parsing XML entities
EPSS
Процентиль: 83%
0.02046
Низкий
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-776