Search CVE reports
221 – 230 of 42899 results
Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri’s CRuby native extension could leave a Ruby wrapper pointing to freed memory when replacing the value of an...
1 affected package
ruby-nokogiri
| Package | 22.04 LTS |
|---|---|
| ruby-nokogiri | Needs evaluation |
Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri contains a bug when calling certain methods on allocated-but-uninitialized native wrapper classes that inherit from...
1 affected package
ruby-nokogiri
| Package | 22.04 LTS |
|---|---|
| ruby-nokogiri | Needs evaluation |
Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, calling Document#encoding= with an invalid encoding (e.g., a non-string, or a string containing a null byte) raises an exception,...
1 affected package
ruby-nokogiri
| Package | 22.04 LTS |
|---|---|
| ruby-nokogiri | Needs evaluation |
Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri::XML::NodeSet#[] (and its alias #slice) checked the requested index against the node set's bounds using...
1 affected package
ruby-nokogiri
| Package | 22.04 LTS |
|---|---|
| ruby-nokogiri | Needs evaluation |
Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, the NONET parse option, which Nokogiri turns on by default for Nokogiri::XML::Schema (see CVE-2020-26247), was not correctly...
1 affected package
ruby-nokogiri
| Package | 22.04 LTS |
|---|---|
| ruby-nokogiri | Needs evaluation |
Spoofing replies to Recursor might mark an IP of an authoritative server as not supporting EDNS, causing valdiation of DNSSEC records served by that server to fail.
1 affected package
pdns-recursor
| Package | 22.04 LTS |
|---|---|
| pdns-recursor | Needs evaluation |
An invalid zone might pass ZONEMD validation while it should not. This is only relevant if ZoneToCache is configured with ZONEMD validation.
1 affected package
pdns-recursor
| Package | 22.04 LTS |
|---|---|
| pdns-recursor | Needs evaluation |
This fix provides extra hardening for the 5.4.x branch by doing extra validation of incoming answers from authoritative servers.
1 affected package
pdns-recursor
| Package | 22.04 LTS |
|---|---|
| pdns-recursor | Needs evaluation |
Incomplete validation of the SOA record present in a catalog zone might lead to a crash.
1 affected package
pdns-recursor
| Package | 22.04 LTS |
|---|---|
| pdns-recursor | Needs evaluation |
A malicious authoritative server can send a crafted zone via the ZoneToCache function that leads to a crash of the Recursor due to insuffcient input validation.
1 affected package
pdns-recursor
| Package | 22.04 LTS |
|---|---|
| pdns-recursor | Needs evaluation |