openSUSE-SU-2025:14697-1: moderate: ruby3.4-rubygem-nokogiri-1.18.2-1.1 on GA media

26 Jan 2025

      # ruby3.4-rubygem-nokogiri-1.18.2-1.1 on GA media

Announcement ID: openSUSE-SU-2025:14697-1
Rating: moderate

Cross-References:

  * CVE-2013-2877
  * CVE-2014-0191
  * CVE-2015-1819
  * CVE-2015-5312
  * CVE-2015-7497
  * CVE-2015-7498
  * CVE-2015-7499
  * CVE-2015-7500
  * CVE-2015-7941
  * CVE-2015-7942
  * CVE-2015-7995
  * CVE-2015-8035
  * CVE-2015-8241
  * CVE-2015-8242
  * CVE-2015-8317
  * CVE-2016-4658
  * CVE-2016-4738
  * CVE-2016-5131
  * CVE-2017-15412
  * CVE-2017-5029
  * CVE-2018-14404
  * CVE-2018-25032
  * CVE-2018-8048
  * CVE-2019-11068
  * CVE-2019-20388
  * CVE-2019-5477
  * CVE-2020-24977
  * CVE-2020-7595
  * CVE-2021-30560
  * CVE-2021-3516
  * CVE-2021-3517
  * CVE-2021-3518
  * CVE-2021-3537
  * CVE-2021-3541
  * CVE-2021-41098
  * CVE-2022-23308
  * CVE-2022-23437
  * CVE-2022-23476
  * CVE-2022-24836
  * CVE-2022-24839
  * CVE-2022-29181
  * CVE-2022-29824
  * CVE-2022-34169
  * CVE-2023-29469

CVSS scores:

  * CVE-2016-5131 ( SUSE ): 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2017-15412 ( SUSE ): 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2018-14404 ( SUSE ): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2018-25032 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2018-8048 ( SUSE ): 5.4 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
  * CVE-2019-11068 ( SUSE ): 6.6 CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
  * CVE-2019-20388 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L
  * CVE-2019-5477 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2020-24977 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
  * CVE-2020-7595 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
  * CVE-2021-30560 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2021-3516 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2021-3517 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
  * CVE-2021-3518 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2021-3537 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2021-3541 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-23308 ( SUSE ): 7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
  * CVE-2022-23437 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-24836 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-24839 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-29181 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H
  * CVE-2022-29824 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2022-34169 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
  * CVE-2023-29469 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

  * openSUSE Tumbleweed

An update that solves 44 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the ruby3.4-rubygem-nokogiri-1.18.2-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

  * openSUSE Tumbleweed:
    * ruby3.4-rubygem-nokogiri 1.18.2-1.1

## References:

  * https://www.suse.com/security/cve/CVE-2013-2877.html
  * https://www.suse.com/security/cve/CVE-2014-0191.html
  * https://www.suse.com/security/cve/CVE-2015-1819.html
  * https://www.suse.com/security/cve/CVE-2015-5312.html
  * https://www.suse.com/security/cve/CVE-2015-7497.html
  * https://www.suse.com/security/cve/CVE-2015-7498.html
  * https://www.suse.com/security/cve/CVE-2015-7499.html
  * https://www.suse.com/security/cve/CVE-2015-7500.html
  * https://www.suse.com/security/cve/CVE-2015-7941.html
  * https://www.suse.com/security/cve/CVE-2015-7942.html
  * https://www.suse.com/security/cve/CVE-2015-7995.html
  * https://www.suse.com/security/cve/CVE-2015-8035.html
  * https://www.suse.com/security/cve/CVE-2015-8241.html
  * https://www.suse.com/security/cve/CVE-2015-8242.html
  * https://www.suse.com/security/cve/CVE-2015-8317.html
  * https://www.suse.com/security/cve/CVE-2016-4658.html
  * https://www.suse.com/security/cve/CVE-2016-4738.html
  * https://www.suse.com/security/cve/CVE-2016-5131.html
  * https://www.suse.com/security/cve/CVE-2017-15412.html
  * https://www.suse.com/security/cve/CVE-2017-5029.html
  * https://www.suse.com/security/cve/CVE-2018-14404.html
  * https://www.suse.com/security/cve/CVE-2018-25032.html
  * https://www.suse.com/security/cve/CVE-2018-8048.html
  * https://www.suse.com/security/cve/CVE-2019-11068.html
  * https://www.suse.com/security/cve/CVE-2019-20388.html
  * https://www.suse.com/security/cve/CVE-2019-5477.html
  * https://www.suse.com/security/cve/CVE-2020-24977.html
  * https://www.suse.com/security/cve/CVE-2020-7595.html
  * https://www.suse.com/security/cve/CVE-2021-30560.html
  * https://www.suse.com/security/cve/CVE-2021-3516.html
  * https://www.suse.com/security/cve/CVE-2021-3517.html
  * https://www.suse.com/security/cve/CVE-2021-3518.html
  * https://www.suse.com/security/cve/CVE-2021-3537.html
  * https://www.suse.com/security/cve/CVE-2021-3541.html
  * https://www.suse.com/security/cve/CVE-2021-41098.html
  * https://www.suse.com/security/cve/CVE-2022-23308.html
  * https://www.suse.com/security/cve/CVE-2022-23437.html
  * https://www.suse.com/security/cve/CVE-2022-23476.html
  * https://www.suse.com/security/cve/CVE-2022-24836.html
  * https://www.suse.com/security/cve/CVE-2022-24839.html
  * https://www.suse.com/security/cve/CVE-2022-29181.html
  * https://www.suse.com/security/cve/CVE-2022-29824.html
  * https://www.suse.com/security/cve/CVE-2022-34169.html
  * https://www.suse.com/security/cve/CVE-2023-29469.html

meissner＠suse.com

tags

participants (1)