[Git][security-tracker-team/security-tracker][master] Add new ruby-nokogiri issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Jun 25 20:58:36 BST 2026



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
568b676e by Salvatore Bonaccorso at 2026-06-25T21:58:04+02:00
Add new ruby-nokogiri issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -79,23 +79,31 @@ CVE-2026-57451 (Vim is an open source, command line text editor. Prior to 9.2.06
 	NOTE: https://github.com/vim/vim/security/advisories/GHSA-f36c-2qcp-7gpw
 	NOTE: Fixed by: https://github.com/vim/vim/commit/b2338ca90643e2f01ecb6547c1172716aaec4f79 (v9.2.0670)
 CVE-2026-57438 (Nokogiri is an open source XML and HTML library for the Ruby programmi ...)
-	TODO: check
+	- ruby-nokogiri <unfixed>
+	NOTE: https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-wfpw-mmfh-qq69
 CVE-2026-57437 (Nokogiri is an open source XML and HTML library for the Ruby programmi ...)
-	TODO: check
+	- ruby-nokogiri <unfixed>
+	NOTE: https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-p67v-3w7g-wjg7
 CVE-2026-57436 (Nokogiri is an open source XML and HTML library for the Ruby programmi ...)
-	TODO: check
+	- ruby-nokogiri <unfixed>
+	NOTE: https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-wjv4-x9w8-wm3h
 CVE-2026-57435 (Nokogiri is an open source XML and HTML library for the Ruby programmi ...)
-	TODO: check
+	- ruby-nokogiri <unfixed>
+	NOTE: https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-phwj-rprq-35pp
 CVE-2026-57434 (Nokogiri is an open source XML and HTML library for the Ruby programmi ...)
-	TODO: check
+	- ruby-nokogiri <unfixed>
+	NOTE: https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-9cv2-cfxc-v4v2
 CVE-2026-57429 (Contributor Broken Access Control in Slim SEO <= 4.6.2 versions.)
 	NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57236 (Nokogiri is an open source XML and HTML library for the Ruby programmi ...)
-	TODO: check
+	- ruby-nokogiri <unfixed>
+	NOTE: https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-5v8h-3h3q-446p
 CVE-2026-57235 (Nokogiri is an open source XML and HTML library for the Ruby programmi ...)
-	TODO: check
+	- ruby-nokogiri <unfixed>
+	NOTE: https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-5prr-v3j2-97mh
 CVE-2026-57234 (Nokogiri is an open source XML and HTML library for the Ruby programmi ...)
-	TODO: check
+	- ruby-nokogiri <unfixed>
+	NOTE: https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-8678-w3jw-xfc2
 CVE-2026-56790 (CANBoat through 6.22, fixed in commit a5a22b7, contains an off-by-one  ...)
 	TODO: check
 CVE-2026-56789 (RTKLIB through 2.4.3 contains a heap buffer overflow vulnerability in  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/568b676eb0f3f617576f3f1b1c7bf0da28f17d02

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/568b676eb0f3f617576f3f1b1c7bf0da28f17d02
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260625/35d4457e/attachment.htm>


More information about the debian-security-tracker-commits mailing list