Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Inefficient Regular Expression Complexity in Nokogiri
Vulnerability Description
Nokogiri is an open source XML and HTML library for Ruby. Nokogiri `< v1.13.4` contains an inefficient regular expression that is susceptible to excessive backtracking when attempting to detect encoding in HTML documents. Users are advised to upgrade to Nokogiri `>= 1.13.4`. There are no known workarounds for this issue.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
未加控制的资源消耗(资源穷尽)
Vulnerability Title
Nokogiri 安全漏洞
Vulnerability Description
Nokogiri是一款用于解析Ruby中HTML和XML的开源软件库。 Nokogiri 1.13.4之前版本存在安全漏洞,该漏洞源于当试图检测HTML文档中的编码时,它容易受到过度回溯的影响。
CVSS Information
N/A
Vulnerability Type
N/A