Security Advisory

CVE-2022-24839

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-04-11 21:25:12

Last updated 2025-04-23 18:40:37

Assigner GitHub_M

State PUBLISHED

Description

org.cyberneko.html is an html parser written in Java. The fork of `org.cyberneko.html` used by Nokogiri (Rubygem) raises a `java.lang.OutOfMemoryError` exception when parsing ill-formed HTML markup. Users are advised to upgrade to `>= 1.9.22.noko2`. Note: The upstream library `org.cyberneko.html` is no longer maintained. Nokogiri uses its own fork of this library located at https://github.com/sparklemotion/nekohtml and this CVE applies only to that fork. Other forks of nekohtml may have a similar vulnerability.

← Browse all CVEs View on cve.org ↗