14 lines
1.1 KiB
JSON
14 lines
1.1 KiB
JSON
{
|
|
"id": "openEuler-SA-2022-1644",
|
|
"url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2022-1644",
|
|
"title": "An update for rubygem-nokogiri is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP3 and openEuler-22.03-LTS",
|
|
"severity": "Important",
|
|
"description": "Nokogiri parses and searches XML/HTML very quickly, and also has correctly implemented CSS3 selector support as well as XPath support. Nokogiri also features an Hpricot compatibility layer to help ease the change to using correct CSS and XPath.\n\r\nSecurity Fix(es):\r\n\r\nNokogiri is an open source XML and HTML library for Ruby. Nokogiri less than v1.13.4 contains an inefficient regular expression that is susceptible to excessive backtracking when attempting to detect encoding in HTML documents. Users are advised to upgrade to Nokogiri >= 1.13.4. There are no known workarounds for this issue.(CVE-2022-24836)",
|
|
"cves": [
|
|
{
|
|
"id": "CVE-2022-24836",
|
|
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24836",
|
|
"severity": "Important"
|
|
}
|
|
]
|
|
} |