EPSS
Percentile
91.1%
nokogiri is vulnerable to denial of service (DoS) attacks. The library uses a vulnerable version of libxml2, causing it to be vulnerable to the following CVEs: 1. CVE-2016-9318: XML External Entity (XXE) through a crafted document. 2. CVE-2017-16932: Infinite Recursion during parsing. 3. CVE-2017-18258: Denial of Service (DoS) through a crafted LZMA file. 4. CVE-2018-14404: Null Pointer Dereference when accessing XSL input. 5. CVE-2018-14567: Infinite Loop during LZMA decompression.