https://db.gcve.eu/sightings/feed 2026-05-11T20:48:08.642148+00:00 Vulnerability-Lookup info@gcve.eu python-feedgen Contains only the most 10 recent sightings. https://db.gcve.eu/sighting/b064a13e-6f3d-43ec-9225-4bbacde00845/export 2026-05-11T20:48:09.167580+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "b064a13e-6f3d-43ec-9225-4bbacde00845", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-XH29-R2W5-WX8M", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12920", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-29181\n\ud83d\udd25 CVSS Score: 8.2 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H)\n\ud83d\udd39 Description: Nokogiri is an open source XML and HTML library for Ruby. Nokogiri prior to version 1.13.6 does not type-check all inputs into the XML and HTML4 SAX parsers, allowing specially crafted untrusted inputs to cause illegal memory access errors (segfault) or reads from unrelated memory. Version 1.13.6 contains a patch for this issue. As a workaround, ensure the untrusted input is a `String` by calling `#to_s` or equivalent.\n\ud83d\udccf Published: 2022-05-20T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-22T18:01:15.465Z\n\ud83d\udd17 References:\n1. https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-xh29-r2w5-wx8m\n2. https://github.com/sparklemotion/nokogiri/commit/db05ba9a1bd4b90aa6c76742cf6102a7c7297267\n3. https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.6\n4. https://securitylab.github.com/advisories/GHSL-2022-031_GHSL-2022-032_Nokogiri/\n5. https://security.gentoo.org/glsa/202208-29\n6. https://support.apple.com/kb/HT213532\n7. http://seclists.org/fulldisclosure/2022/Dec/23", "creation_timestamp": "2025-04-22T18:03:34.000000Z"} 2025-04-22T18:03:34+00:00