| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-6494 | sparklemotion nokogiri hashmap.c hashmap_get_with_hash heap-based overflow | sparklemotion | nokogiri | Low | 3.3 | 2025-06-22 22:31:06 | Deep Dive |
| CVE-2025-6490 | sparklemotion nokogiri hashmap.c hashmap_set_with_hash heap-based overflow | sparklemotion | nokogiri | Low | 3.3 | 2025-06-22 19:00:12 | Deep Dive |
| CVE-2022-23476 | Unchecked return value from xmlTextReaderExpand in Nokogiri | sparklemotion | nokogiri | High | 7.5 | 2022-12-08 03:03:25 | Deep Dive |
| CVE-2022-31033 | Authorization header leak in rubygem Mechanize | sparklemotion | mechanize | Medium | 5.9 | 2022-06-09 20:00:16 | Deep Dive |
| CVE-2022-29181 | Improper Handling of Unexpected Data Type in Nokogiri | sparklemotion | nokogiri | High | 8.2 | 2022-05-20 00:00:00 | Deep Dive |
| CVE-2022-24839 | Uncontrolled Resource Consumption in org.cyberneko.html (nokogiri fork) | sparklemotion | nekohtml | High | 7.5 | 2022-04-11 21:25:12 | Deep Dive |
| CVE-2022-24836 | Inefficient Regular Expression Complexity in Nokogiri | sparklemotion | nokogiri | High | 7.5 | 2022-04-11 00:00:00 | Deep Dive |
| CVE-2021-41098 | Improper Restriction of XML External Entity Reference (XXE) in Nokogiri on JRuby | sparklemotion | nokogiri | 高危 | - | 2021-09-27 19:35:11 | Deep Dive |
| CVE-2021-21289 | Command Injection Vulnerability in Mechanize | sparklemotion | mechanize | High | 7.4 | 2021-02-02 18:50:13 | Deep Dive |
| CVE-2020-26247 | XXE in Nokogiri | sparklemotion | nokogiri | Low | 2.6 | 2020-12-30 00:00:00 | Deep Dive |