All 7 CVE vulnerabilities found in nokogiri, with AI-generated Chinese analysis, references, and POCs.
Vendor: sparklemotion
| CVE ID | Title | CVSS | Severity | Paused |
|---|---|---|---|---|
| CVE-2025-6494 | sparklemotion nokogiri hashmap.c hashmap_get_with_hash heap-based overflow CWE-122 | 3.3 | Low | 2025-06-22 |
| CVE-2025-6490 | sparklemotion nokogiri hashmap.c hashmap_set_with_hash heap-based overflow CWE-122 | 3.3 | Low | 2025-06-22 |
| CVE-2022-23476 | Unchecked return value from xmlTextReaderExpand in Nokogiri CWE-252 | 7.5 | High | 2022-12-08 |
| CVE-2022-29181 | Improper Handling of Unexpected Data Type in Nokogiri CWE-241 | 8.2 | High | 2022-05-20 |
| CVE-2022-24836 | Inefficient Regular Expression Complexity in Nokogiri CWE-400 | 7.5 | High | 2022-04-11 |
| CVE-2021-41098 | Improper Restriction of XML External Entity Reference (XXE) in Nokogiri on JRuby CWE-611 | 7.5 | - | 2021-09-27 |
| CVE-2020-26247 | XXE in Nokogiri CWE-611 | 2.6 | Low | 2020-12-30 |
All 7 known CVE vulnerabilities affecting nokogiri with full Chinese analysis, references, and POCs where available.