OPENSUSE-SU-2021:0237-1
Advisory lineage Upstream: 2 Downstream: 0
Upstream
Published: 05 Feb 2021, 15:13
Last modified:04 Feb 2026, 02:27
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
05 Feb 2021, 15:13
Published
Vulnerability first disclosed
04 Feb 2026, 02:27
Last Modified
Vulnerability information updated
Description
Security update for rubygem-nokogiri This update for rubygem-nokogiri fixes the following issues: rubygem-nokogiri was updated to 1.8.5 (bsc#1156722). Security issues fixed: - CVE-2019-5477: Fixed a command injection vulnerability (bsc#1146578). - CVE-2020-26247: Fixed an XXE vulnerability in Nokogiri::XML::Schema (bsc#1180507). This update was imported from the SUSE:SLE-15:Update update project.
Affected Systems
- opensuse•rubygem-nokogiri&distro=openSUSE Leap 15.2
< 1.8.5-lp152.4.3.1
References (6)
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/RLEJCRYIVSTKE34ZJIXITKLZOOKOAMWQ/
- https://bugzilla.suse.com/1146578
- https://bugzilla.suse.com/1156722
- https://bugzilla.suse.com/1180507
- https://www.suse.com/security/cve/CVE-2019-5477
- https://www.suse.com/security/cve/CVE-2020-26247