Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,662
Maven
5,000+
npm
4,292
NuGet
760
pip
4,070
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

9 advisories

Loading
Duplicate Advisory: Use-after-free in libxml2 via Nokogiri::XML::Reader Moderate
GHSA-vcc3-rw6f-jv97 was published for nokogiri (RubyGems) Mar 18, 2024 withdrawn
postmodern
Credited to postmodern
Nokogiri update packaged libxml2 to v2.12.5 to resolve CVE-2024-25062 Moderate
GHSA-xc9x-jj77-9p9j was published for nokogiri (RubyGems) Feb 5, 2024
yoshizawa-masatoshi lumaxis
Credited to yoshizawa-masatoshi and lumaxis
Nokogiri updates packaged libxslt to v1.1.43 to resolve multiple CVEs High
GHSA-mrxw-mxhj-p664 was published for nokogiri (RubyGems) Mar 14, 2025
Nokogiri updates packaged libxml2 to 2.13.6 to resolve CVE-2025-24928 and CVE-2024-56171 Low
GHSA-vvfq-8hwr-qm4m was published for nokogiri (RubyGems) Feb 18, 2025
Nokogiri has vulnerable dependencies on libxml2 and libxslt High
CVE-2021-30560 was published for nokogiri (RubyGems) May 24, 2022
Nokogiri gem, via libxml, is affected by DoS vulnerabilities High
CVE-2017-15412 was published for nokogiri (RubyGems) May 14, 2022
espen mattyr
flavorjones staticintlucas thomasthaddeus BaerMitUmlaut dlackty
Credited to espen, mattyr, flavorjones, staticintlucas, thomasthaddeus, BaerMitUmlaut, and dlackty
Nokogiri Implements libxml2 version vulnerable to use-after-free High
CVE-2021-3518 was published for nokogiri (RubyGems) May 24, 2022
Nokogiri affected by libxslt Use of Uninitialized Resource/Use After Free vulnerability High
CVE-2019-18197 was published for nokogiri (RubyGems) May 24, 2022
Vulnerable dependencies in Nokogiri High
GHSA-fq42-c5rg-92c2 was published for nokogiri (RubyGems) Feb 25, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database