[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2022-29181":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T14:55:33.319Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":29,"aliases":39,"duplicate_of":9,"upstream":40,"downstream":41,"duplicates":68,"related":69,"reserved_at":9,"published_at":79,"modified_at":80,"state":81,"summary":82,"references_raw":90,"kevs":137,"epss":138,"epss_history":141,"metrics":398,"affected":409},"CVE-2022-29181","Nokogiri is an open source XML and HTML library for Ruby. Nokogiri prior to version 1.13.6 does not type-check all inputs into the XML and HTML4 SAX parsers, allowing specially crafted untrusted inputs to cause illegal memory access errors (segfault) or reads from unrelated memory. Version 1.13.6 contains a patch for this issue. As a workaround, ensure the untrusted input is a `String` by calling `#to_s` or equivalent.",null,[11,23],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-241","Improper Handling of Unexpected Data Type","The product does not handle or incorrectly handles when a particular element is not the expected type, e.g. it expects a digit (0-9) but is provided with a letter (A-Z).","weakness","Draft","Base",[19],{"id":20,"name":21,"techniques":22},"CAPEC-48","Passing Local Filenames to Functions That Expect a URL",[],{"_key":24,"id":24,"name":25,"description":26,"type":15,"status":27,"abstraction":17,"likelihood_of_exploit":9,"capec":28},"CWE-843","Access of Resource Using Incompatible Type ('Type Confusion')","The product allocates or initializes a resource such as a pointer, object, or variable using one type, but it later accesses that resource using a type that is incompatible with the original type.","Incomplete",[],[30],{"_key":31,"name":32,"source":33,"url":34,"maturity":35,"reliability_score":36,"verified":37,"type":9,"platforms":38,"requires_auth":9,"exploitdb":9,"metasploit":9},"GITHUB_ADVISORIES_GHSL-2022-031_GHSL-2022-032_NOKOGIRI","Ghsl 2022 031 Ghsl 2022 032 Nokogiri","github","https://securitylab.github.com/advisories/GHSL-2022-031_GHSL-2022-032_Nokogiri/","poc",0.3,false,[],[],[],[42,44,46,48,50,52,54,56,58,60,62,64,66],{"_key":43},"SUSE-SU-2022:3890-1",{"_key":45},"UBUNTU-CVE-2022-29181",{"_key":47},"SUSE-SU-2022:4015-1",{"_key":49},"SUSE-SU-2022:4016-1",{"_key":51},"OPENSUSE-SU-2024:12085-1",{"_key":53},"OPENSUSE-SU-2024:13165-1",{"_key":55},"OPENSUSE-SU-2024:14174-1",{"_key":57},"OPENSUSE-SU-2025:14697-1",{"_key":59},"OPENSUSE-SU-2026:10356-1",{"_key":61},"MGASA-2022-0200",{"_key":63},"USN-7659-1",{"_key":65},"DEBIAN-CVE-2022-29181",{"_key":67},"RHSA-2022:8506",[],[70,71,72,73,74,75,76,77,78],{"_key":43},{"_key":47},{"_key":49},{"_key":51},{"_key":53},{"_key":55},{"_key":57},{"_key":59},{"_key":61},"2022-05-20T00:00:00.000Z","2025-05-27T14:51:01.821Z","Modified",{"cisa_kev":37,"cisa_ransomware":37,"cisa_vendor":9,"epss_severity":83,"epss_score":84,"severity":85,"severity_score":86,"severity_version":87,"severity_source":88,"severity_vector":89,"severity_status":81},"low",0.04183,"high",8.2,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",[91,99,104,109,114,118,123,128,132],{"url":92,"sources":93,"tags":95},"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-xh29-r2w5-wx8m",[88,94],"nvd",[96,97,98],"X Refsource CONFIRM","Issue Tracking","Third Party Advisory",{"url":100,"sources":101,"tags":102},"https://github.com/sparklemotion/nokogiri/commit/83cc451c3f29df397caa890afc3b714eae6ab8f7",[88,94],[103],"X Refsource MISC",{"url":105,"sources":106,"tags":107},"https://github.com/sparklemotion/nokogiri/commit/db05ba9a1bd4b90aa6c76742cf6102a7c7297267",[88,94],[103,108,98],"Patch",{"url":110,"sources":111,"tags":112},"https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.6",[88,94],[103,113,98],"Release Notes",{"url":115,"sources":116,"tags":117},"https://securitylab.github.com/advisories/GHSL-2022-031_GHSL-2022-032_Nokogiri",[88,94],[103],{"url":34,"sources":119,"tags":120},[88,94],[121,122,98],"X Transferred","Exploit",{"url":124,"sources":125,"tags":126},"https://security.gentoo.org/glsa/202208-29",[88,94],[127,121,98],"Vendor Advisory",{"url":129,"sources":130,"tags":131},"https://support.apple.com/kb/HT213532",[88,94],[121,98],{"url":133,"sources":134,"tags":135},"http://seclists.org/fulldisclosure/2022/Dec/23",[88,94],[136,121,98],"Mailing List",[],{"date":139,"score":84,"percentile":140},"2026-06-04",0.88898,[142,146,149,152,155,158,161,164,166,169,173,176,178,180,182,186,189,192,195,197,200,202,205,208,210,212,215,218,221,224,227,230,232,234,237,240,243,246,249,252,255,258,261,263,266,269,273,276,279,282,285,288,291,294,297,300,303,306,309,312,315,318,321,323,325,327,330,332,335,337,340,343,346,349,352,355,358,360,363,366,369,372,375,377,380,383,386,389,392,395],{"date":143,"score":144,"percentile":145},"2025-11-04",0.0534,0.89604,{"date":147,"score":144,"percentile":148},"2025-11-05",0.89603,{"date":150,"score":144,"percentile":151},"2025-11-06",0.89601,{"date":153,"score":144,"percentile":154},"2025-11-07",0.89607,{"date":156,"score":144,"percentile":157},"2025-11-08",0.8961,{"date":159,"score":144,"percentile":160},"2025-11-09",0.89608,{"date":162,"score":144,"percentile":163},"2025-11-10",0.89605,{"date":165,"score":144,"percentile":145},"2025-11-11",{"date":167,"score":144,"percentile":168},"2025-11-12",0.89612,{"date":170,"score":171,"percentile":172},"2025-11-13",0.05609,0.89896,{"date":174,"score":171,"percentile":175},"2025-11-14",0.89899,{"date":177,"score":171,"percentile":172},"2025-11-15",{"date":179,"score":171,"percentile":175},"2025-11-16",{"date":181,"score":171,"percentile":172},"2025-11-17",{"date":183,"score":184,"percentile":185},"2025-11-18",0.01578,0.80018,{"date":187,"score":184,"percentile":188},"2025-11-19",0.80022,{"date":190,"score":184,"percentile":191},"2025-11-20",0.80029,{"date":193,"score":171,"percentile":194},"2025-11-21",0.89908,{"date":196,"score":171,"percentile":194},"2025-11-22",{"date":198,"score":171,"percentile":199},"2025-11-23",0.89905,{"date":201,"score":171,"percentile":194},"2025-11-24",{"date":203,"score":171,"percentile":204},"2025-11-25",0.89912,{"date":206,"score":171,"percentile":207},"2025-11-26",0.89914,{"date":209,"score":171,"percentile":207},"2025-11-27",{"date":211,"score":171,"percentile":199},"2025-11-28",{"date":213,"score":171,"percentile":214},"2025-11-29",0.89966,{"date":216,"score":171,"percentile":217},"2025-11-30",0.89967,{"date":219,"score":171,"percentile":220},"2025-12-01",0.90025,{"date":222,"score":171,"percentile":223},"2025-12-02",0.90029,{"date":225,"score":171,"percentile":226},"2025-12-03",0.90031,{"date":228,"score":171,"percentile":229},"2025-12-04",0.89972,{"date":231,"score":171,"percentile":229},"2025-12-05",{"date":233,"score":171,"percentile":229},"2025-12-06",{"date":235,"score":171,"percentile":236},"2025-12-07",0.89968,{"date":238,"score":171,"percentile":239},"2025-12-08",0.89969,{"date":241,"score":171,"percentile":242},"2025-12-09",0.89971,{"date":244,"score":171,"percentile":245},"2025-12-10",0.89982,{"date":247,"score":171,"percentile":248},"2025-12-11",0.89985,{"date":250,"score":171,"percentile":251},"2025-12-12",0.8999,{"date":253,"score":171,"percentile":254},"2025-12-13",0.89994,{"date":256,"score":171,"percentile":257},"2025-12-14",0.89995,{"date":259,"score":171,"percentile":260},"2025-12-15",0.89996,{"date":262,"score":171,"percentile":251},"2025-12-16",{"date":264,"score":171,"percentile":265},"2025-12-17",0.89999,{"date":267,"score":171,"percentile":268},"2025-12-18",0.90006,{"date":270,"score":271,"percentile":272},"2025-12-19",0.05756,0.9014,{"date":274,"score":271,"percentile":275},"2025-12-20",0.90138,{"date":277,"score":271,"percentile":278},"2025-12-21",0.90148,{"date":280,"score":271,"percentile":281},"2025-12-22",0.9015,{"date":283,"score":271,"percentile":284},"2025-12-23",0.90154,{"date":286,"score":271,"percentile":287},"2025-12-24",0.9016,{"date":289,"score":271,"percentile":290},"2025-12-25",0.90173,{"date":292,"score":271,"percentile":293},"2025-12-26",0.90171,{"date":295,"score":271,"percentile":296},"2025-12-27",0.90217,{"date":298,"score":271,"percentile":299},"2025-12-28",0.90165,{"date":301,"score":271,"percentile":302},"2025-12-29",0.90159,{"date":304,"score":271,"percentile":305},"2025-12-30",0.90167,{"date":307,"score":271,"percentile":308},"2025-12-31",0.90175,{"date":310,"score":271,"percentile":311},"2026-01-01",0.90242,{"date":313,"score":271,"percentile":314},"2026-01-02",0.90237,{"date":316,"score":271,"percentile":317},"2026-01-03",0.90236,{"date":319,"score":271,"percentile":320},"2026-01-04",0.90176,{"date":322,"score":271,"percentile":293},"2026-01-05",{"date":324,"score":271,"percentile":290},"2026-01-06",{"date":326,"score":271,"percentile":320},"2026-01-07",{"date":328,"score":271,"percentile":329},"2026-01-08",0.90181,{"date":331,"score":271,"percentile":329},"2026-01-09",{"date":333,"score":271,"percentile":334},"2026-01-10",0.90184,{"date":336,"score":271,"percentile":308},"2026-01-11",{"date":338,"score":271,"percentile":339},"2026-01-12",0.90174,{"date":341,"score":271,"percentile":342},"2026-01-13",0.90172,{"date":344,"score":271,"percentile":345},"2026-01-14",0.90187,{"date":347,"score":271,"percentile":348},"2026-01-15",0.90189,{"date":350,"score":271,"percentile":351},"2026-01-16",0.90192,{"date":353,"score":271,"percentile":354},"2026-01-17",0.9019,{"date":356,"score":271,"percentile":357},"2026-01-18",0.90191,{"date":359,"score":271,"percentile":354},"2026-01-19",{"date":361,"score":271,"percentile":362},"2026-01-20",0.90193,{"date":364,"score":271,"percentile":365},"2026-01-21",0.90195,{"date":367,"score":271,"percentile":368},"2026-01-22",0.90198,{"date":370,"score":271,"percentile":371},"2026-01-23",0.90205,{"date":373,"score":271,"percentile":374},"2026-01-24",0.90211,{"date":376,"score":271,"percentile":374},"2026-01-25",{"date":378,"score":271,"percentile":379},"2026-01-26",0.90214,{"date":381,"score":271,"percentile":382},"2026-01-27",0.90216,{"date":384,"score":271,"percentile":385},"2026-01-28",0.90223,{"date":387,"score":271,"percentile":388},"2026-01-29",0.90222,{"date":390,"score":271,"percentile":391},"2026-01-30",0.90221,{"date":393,"score":271,"percentile":394},"2026-01-31",0.90228,{"date":396,"score":271,"percentile":397},"2026-02-01",0.90291,[399,403],{"source":88,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":400,"cvss_v4_0":9},{"baseScore":86,"baseSeverity":401,"vectorString":89,"impactScore":4,"exploitabilityScore":402},"HIGH",10,{"source":94,"cvss_v2_0":404,"cvss_v3_0":9,"cvss_v3_1":408,"cvss_v4_0":9},{"baseScore":405,"baseSeverity":9,"vectorString":406,"impactScore":407,"exploitabilityScore":402},6.4,"AV:N/AC:L/Au:N/C:P/I:N/A:P",4.9,{"baseScore":86,"baseSeverity":401,"vectorString":89,"impactScore":4,"exploitabilityScore":402},[410,421,428],{"ecosystem":9,"name":411,"vendor":9,"product":411,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":412},"macOS",[413],{"version":414,"is_range":415,"range_type":416,"version_start":417,"version_start_type":418,"version_end":419,"version_end_type":420,"fixed_in":9},"gte13.0_lt13.1",true,"cpe","13.0","including","13.1","excluding",{"ecosystem":9,"name":422,"vendor":422,"product":422,"cpe_part":423,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":424},"nokogiri","a",[425],{"version":426,"is_range":415,"range_type":416,"version_start":9,"version_start_type":9,"version_end":427,"version_end_type":420,"fixed_in":9},"lt1.13.6","1.13.6",{"ecosystem":9,"name":422,"vendor":429,"product":422,"cpe_part":423,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":430},"sparklemotion",[431],{"version":432,"is_range":415,"range_type":88,"version_start":9,"version_start_type":9,"version_end":427,"version_end_type":420,"fixed_in":9},"\u003C 1.13.6"]