OESA-2022-1644
- Source
- https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2022-1644
- Import Source
- https://repo.openeuler.org/security/data/osv/OESA-2022-1644.json
- JSON Data
- https://api.osv.dev/v1/vulns/OESA-2022-1644
- Upstream
- Published
- 2022-05-11T11:03:45Z
- Modified
- 2025-09-03T06:18:07.915397Z
- Summary
- rubygem-nokogiri security update
- Details
-
Nokogiri parses and searches XML/HTML very quickly, and also has correctly implemented CSS3 selector support as well as XPath support. Nokogiri also features an Hpricot compatibility layer to help ease the change to using correct CSS and XPath.
Security Fix(es):
Nokogiri is an open source XML and HTML library for Ruby. Nokogiri less than v1.13.4 contains an inefficient regular expression that is susceptible to excessive backtracking when attempting to detect encoding in HTML documents. Users are advised to upgrade to Nokogiri >= 1.13.4. There are no known workarounds for this issue.(CVE-2022-24836)
- Database specific
{ "severity": "High" }- References
Affected packages
openEuler:20.03-LTS-SP1 / rubygem-nokogiri
Package
- Name
- rubygem-nokogiri
- Purl
- pkg:rpm/openEuler/rubygem-nokogiri&distro=openEuler-20.03-LTS-SP1
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.10.5-4.oe1
Ecosystem specific
{
"src": [
"rubygem-nokogiri-1.10.5-4.oe1.src.rpm"
],
"x86_64": [
"rubygem-nokogiri-1.10.5-4.oe1.x86_64.rpm",
"rubygem-nokogiri-debuginfo-1.10.5-4.oe1.x86_64.rpm ",
"rubygem-nokogiri-debugsource-1.10.5-4.oe1.x86_64.rpm",
"rubygem-nokogiri-doc-1.10.5-4.oe1.x86_64.rpm"
],
"aarch64": [
"rubygem-nokogiri-1.10.5-4.oe1.aarch64.rpm",
"rubygem-nokogiri-debuginfo-1.10.5-4.oe1.aarch64.rpm",
"rubygem-nokogiri-debugsource-1.10.5-4.oe1.aarch64.rpm",
"rubygem-nokogiri-doc-1.10.5-4.oe1.aarch64.rpm"
]
}
openEuler:20.03-LTS-SP3 / rubygem-nokogiri
Package
- Name
- rubygem-nokogiri
- Purl
- pkg:rpm/openEuler/rubygem-nokogiri&distro=openEuler-20.03-LTS-SP3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.10.5-5.oe1
Ecosystem specific
{
"src": [
"rubygem-nokogiri-1.10.5-5.oe1.src.rpm"
],
"x86_64": [
"rubygem-nokogiri-1.10.5-5.oe1.x86_64.rpm",
"rubygem-nokogiri-debuginfo-1.10.5-5.oe1.x86_64.rpm ",
"rubygem-nokogiri-debugsource-1.10.5-5.oe1.x86_64.rpm",
"rubygem-nokogiri-doc-1.10.5-5.oe1.x86_64.rpm"
],
"aarch64": [
"rubygem-nokogiri-1.10.5-5.oe1.aarch64.rpm",
"rubygem-nokogiri-debuginfo-1.10.5-5.oe1.aarch64.rpm ",
"rubygem-nokogiri-debugsource-1.10.5-5.oe1.aarch64.rpm",
"rubygem-nokogiri-doc-1.10.5-5.oe1.aarch64.rpm"
]
}
openEuler:22.03-LTS / rubygem-nokogiri
Package
- Name
- rubygem-nokogiri
- Purl
- pkg:rpm/openEuler/rubygem-nokogiri&distro=openEuler-22.03-LTS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.13.1-2.oe2203
Ecosystem specific
{
"src": [
"rubygem-nokogiri-1.13.1-2.oe2203.src.rpm"
],
"x86_64": [
"rubygem-nokogiri-1.13.1-2.oe2203.x86_64.rpm",
"rubygem-nokogiri-debuginfo-1.13.1-2.oe2203.x86_64.rpm",
"rubygem-nokogiri-debugsource-1.13.1-2.oe2203.x86_64.rpm",
"rubygem-nokogiri-doc-1.13.1-2.oe2203.x86_64.rpm"
],
"aarch64": [
"rubygem-nokogiri-1.13.1-2.oe2203.aarch64.rpm",
"rubygem-nokogiri-debuginfo-1.13.1-2.oe2203.aarch64.rpm",
"rubygem-nokogiri-debugsource-1.13.1-2.oe2203.aarch64.rpm",
"rubygem-nokogiri-doc-1.13.1-2.oe2203.aarch64.rpm"
]
}