ruby-nokogiri

Link	package \| bugs open \| bugs closed \| Wiki \| GitHub \| web search
Description	Nokogiri (鋸) is an HTML, XML, SAX, and Reader parser
Version	1.18.9-1 [extra]

Resolved

Group	Affected	Fixed	Severity	Status	Ticket
AVG-2424	1.12.2-1		High	Not affected

Issue	Group	Severity	Remote	Type	Description
CVE-2021-41098	AVG-2424	High	Yes	Xml external entity injection	In Nokogiri v1.12.4 and earlier, on JRuby only, the SAX parser resolves external entities by default. Users of Nokogiri on JRuby who parse untrusted...