CVE-2022-29181

Source
https://cve.org/CVERecord?id=CVE-2022-29181
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-29181.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-29181
Aliases
Downstream
Related
Published
2022-05-20T00:00:00Z
Modified
2026-07-15T01:35:13.295647Z
Severity
  • 8.2 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H CVSS Calculator
Summary
Improper Handling of Unexpected Data Type in Nokogiri
Details

Nokogiri is an open source XML and HTML library for Ruby. Nokogiri prior to version 1.13.6 does not type-check all inputs into the XML and HTML4 SAX parsers, allowing specially crafted untrusted inputs to cause illegal memory access errors (segfault) or reads from unrelated memory. Version 1.13.6 contains a patch for this issue. As a workaround, ensure the untrusted input is a String by calling #to_s or equivalent.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/29xxx/CVE-2022-29181.json",
    "cna_assigner": "GitHub_M",
    "cwe_ids": [
        "CWE-241"
    ]
}
References

Affected packages

Git / github.com/sparklemotion/nokogiri

Affected ranges

Type
GIT
Repo
https://github.com/sparklemotion/nokogiri
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Fixed
Fixed
Database specific
{
    "source": [
        "CPE_RANGE",
        "REFERENCES"
    ],
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "1.13.6"
        }
    ],
    "cpe": "cpe:2.3:a:nokogiri:nokogiri:*:*:*:*:*:ruby:*:*"
}

Affected versions

1.*
1.7.0.1-linux-binary1
REL_1.*
REL_1.0.0
REL_1.0.1
REL_1.0.2
REL_1.0.3
REL_1.0.4
REL_1.0.5
REL_1.0.6
REL_1.0.7
REL_1.5.0.beta.1
REL_1.5.0.beta.2
v1.*
v1.10.0
v1.10.0.rc1
v1.10.1
v1.10.2
v1.10.3
v1.11.0
v1.11.0.rc1
v1.11.0.rc2
v1.11.0.rc3
v1.11.0.rc4
v1.11.1
v1.11.2
v1.11.3
v1.12.0
v1.12.0.rc1
v1.12.1
v1.12.2
v1.12.3
v1.13.0
v1.13.1
v1.13.2
v1.13.3
v1.13.4
v1.13.5
v1.5.0
v1.5.0.beta.3
v1.5.0.beta.4
v1.5.1
v1.5.1.rc1
v1.5.2
v1.5.3
v1.5.3.rc1
v1.5.3.rc3
v1.5.3.rc4
v1.5.3.rc5
v1.5.3.rc6
v1.5.4.rc1
v1.5.4.rc2
v1.5.4.rc3
v1.5.5.rc1
v1.5.5.rc2
v1.5.6
v1.5.6.rc2
v1.5.7
v1.5.7.rc1
v1.5.7.rc2
v1.5.7.rc3
v1.5.8
v1.5.9
v1.6.0
v1.6.0.rc1
v1.6.2
v1.6.2.1
v1.6.2.beta.1
v1.6.2.rc1
v1.6.2.rc3
v1.6.3
v1.6.3.1
v1.6.3.rc1
v1.6.3.rc2
v1.6.3.rc3
v1.6.4
v1.6.5
v1.6.6
v1.6.6.1
v1.6.6.2
v1.6.7.rc1
v1.6.7.rc2
v1.6.7.rc3
v1.6.7.rc4
v1.6.8
v1.6.8.rc1
v1.6.8.rc2
v1.6.8.rc3
v1.7.0
v1.7.0.1
v1.8.0
v1.8.1
v1.8.2
v1.8.3
v1.8.4
v1.8.5
v1.9.0
v1.9.0.rc1
v1.9.1

Database specific

vanir_signatures_modified
"2026-07-15T01:35:13Z"
source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-29181.json"
vanir_signatures
[
    {
        "source": "https://github.com/sparklemotion/nokogiri/commit/db05ba9a1bd4b90aa6c76742cf6102a7c7297267",
        "signature_version": "v1",
        "digest": {
            "length": 311.0,
            "function_hash": "339774057150225604830925007899139441664"
        },
        "deprecated": false,
        "id": "CVE-2022-29181-08218874",
        "signature_type": "Function",
        "target": {
            "file": "ext/java/nokogiri/Html4SaxParserContext.java",
            "function": "parse_io"
        }
    },
    {
        "source": "https://github.com/sparklemotion/nokogiri/commit/db05ba9a1bd4b90aa6c76742cf6102a7c7297267",
        "signature_version": "v1",
        "digest": {
            "length": 440.0,
            "function_hash": "156700175685575345307480125041260173150"
        },
        "deprecated": false,
        "id": "CVE-2022-29181-1630bc76",
        "signature_type": "Function",
        "target": {
            "file": "ext/nokogiri/xml_sax_parser_context.c",
            "function": "parse_memory"
        }
    },
    {
        "source": "https://github.com/sparklemotion/nokogiri/commit/83cc451c3f29df397caa890afc3b714eae6ab8f7",
        "signature_version": "v1",
        "digest": {
            "length": 311.0,
            "function_hash": "339774057150225604830925007899139441664"
        },
        "deprecated": false,
        "id": "CVE-2022-29181-1e36b4c7",
        "signature_type": "Function",
        "target": {
            "file": "ext/java/nokogiri/Html4SaxParserContext.java",
            "function": "parse_io"
        }
    },
    {
        "source": "https://github.com/sparklemotion/nokogiri/commit/83cc451c3f29df397caa890afc3b714eae6ab8f7",
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "32660667544791835419492192119628462419",
                "107509837605578032575666489903065846394",
                "82339482050122467544479565850719152695",
                "35316597750796945202672617103511275162",
                "64023981287457464679046336078146686527",
                "70256715334098376590202143321581670244",
                "307505881030890224483924028945227594477",
                "153908013770662347021857042754056368166",
                "69279590166439256109855042886691596332",
                "275480722593031554525184112037389671349",
                "201906997703988881664001197585905877796",
                "285155501316326881376048425303443337705",
                "322197686736064847564962717883962289003"
            ],
            "threshold": 0.9
        },
        "deprecated": false,
        "id": "CVE-2022-29181-1f19053f",
        "signature_type": "Line",
        "target": {
            "file": "ext/nokogiri/xml_sax_parser_context.c"
        }
    },
    {
        "source": "https://github.com/sparklemotion/nokogiri/commit/db05ba9a1bd4b90aa6c76742cf6102a7c7297267",
        "signature_version": "v1",
        "digest": {
            "length": 251.0,
            "function_hash": "212191781225457695491386033688224906340"
        },
        "deprecated": false,
        "id": "CVE-2022-29181-22439742",
        "signature_type": "Function",
        "target": {
            "file": "ext/java/nokogiri/XmlSaxParserContext.java",
            "function": "parse_io"
        }
    },
    {
        "source": "https://github.com/sparklemotion/nokogiri/commit/83cc451c3f29df397caa890afc3b714eae6ab8f7",
        "signature_version": "v1",
        "digest": {
            "length": 915.0,
            "function_hash": "176127679834381012146427679809076348549"
        },
        "deprecated": false,
        "id": "CVE-2022-29181-28f6af2a",
        "signature_type": "Function",
        "target": {
            "file": "ext/nokogiri/xml_sax_parser_context.c",
            "function": "noko_init_xml_sax_parser_context"
        }
    },
    {
        "source": "https://github.com/sparklemotion/nokogiri/commit/db05ba9a1bd4b90aa6c76742cf6102a7c7297267",
        "signature_version": "v1",
        "digest": {
            "length": 915.0,
            "function_hash": "176127679834381012146427679809076348549"
        },
        "deprecated": false,
        "id": "CVE-2022-29181-29f6d5f5",
        "signature_type": "Function",
        "target": {
            "file": "ext/nokogiri/xml_sax_parser_context.c",
            "function": "noko_init_xml_sax_parser_context"
        }
    },
    {
        "source": "https://github.com/sparklemotion/nokogiri/commit/83cc451c3f29df397caa890afc3b714eae6ab8f7",
        "signature_version": "v1",
        "digest": {
            "length": 356.0,
            "function_hash": "294968138415222748329321953319310436323"
        },
        "deprecated": false,
        "id": "CVE-2022-29181-347206fc",
        "signature_type": "Function",
        "target": {
            "file": "ext/nokogiri/xml_sax_parser_context.c",
            "function": "parse_io"
        }
    },
    {
        "source": "https://github.com/sparklemotion/nokogiri/commit/83cc451c3f29df397caa890afc3b714eae6ab8f7",
        "signature_version": "v1",
        "digest": {
            "length": 715.0,
            "function_hash": "127238979648815204612396819651147529331"
        },
        "deprecated": false,
        "id": "CVE-2022-29181-3ae0d8a8",
        "signature_type": "Function",
        "target": {
            "file": "ext/nokogiri/html4_sax_parser_context.c",
            "function": "parse_memory"
        }
    },
    {
        "source": "https://github.com/sparklemotion/nokogiri/commit/db05ba9a1bd4b90aa6c76742cf6102a7c7297267",
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "301974088387910415895165297468897494853",
                "262078244075390359928913097953673686959",
                "332161118915953394321811625135653679747",
                "37485012236067294588749722995528365636",
                "235067727987673492805409627799828865989"
            ],
            "threshold": 0.9
        },
        "deprecated": false,
        "id": "CVE-2022-29181-3b25b21e",
        "signature_type": "Line",
        "target": {
            "file": "ext/java/nokogiri/XmlSaxParserContext.java"
        }
    },
    {
        "source": "https://github.com/sparklemotion/nokogiri/commit/83cc451c3f29df397caa890afc3b714eae6ab8f7",
        "signature_version": "v1",
        "digest": {
            "length": 297.0,
            "function_hash": "267902176412199800154903533136942249800"
        },
        "deprecated": false,
        "id": "CVE-2022-29181-4e57f768",
        "signature_type": "Function",
        "target": {
            "file": "ext/java/nokogiri/Html4SaxParserContext.java",
            "function": "parse_file"
        }
    },
    {
        "source": "https://github.com/sparklemotion/nokogiri/commit/db05ba9a1bd4b90aa6c76742cf6102a7c7297267",
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "251130477431979476662424461810691582938",
                "34541768503110933539975464747105694011",
                "272126993558759473010658636557092160129",
                "247119134650593912805485105462029812584",
                "200848791623806623448935133558450604572",
                "269585636492925187769830241646393940632",
                "130546992641210218792316502141335517451"
            ],
            "threshold": 0.9
        },
        "deprecated": false,
        "id": "CVE-2022-29181-5058400a",
        "signature_type": "Line",
        "target": {
            "file": "ext/java/nokogiri/internals/ParserContext.java"
        }
    },
    {
        "source": "https://github.com/sparklemotion/nokogiri/commit/db05ba9a1bd4b90aa6c76742cf6102a7c7297267",
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "228948493316227740900978492420613898378",
                "297369657864748533146341721710689031079",
                "100207569160225581353473082597370343087",
                "69279590166439256109855042886691596332",
                "275480722593031554525184112037389671349",
                "201906997703988881664001197585905877796"
            ],
            "threshold": 0.9
        },
        "deprecated": false,
        "id": "CVE-2022-29181-56889168",
        "signature_type": "Line",
        "target": {
            "file": "ext/nokogiri/html4_sax_parser_context.c"
        }
    },
    {
        "source": "https://github.com/sparklemotion/nokogiri/commit/83cc451c3f29df397caa890afc3b714eae6ab8f7",
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "228948493316227740900978492420613898378",
                "297369657864748533146341721710689031079",
                "100207569160225581353473082597370343087",
                "69279590166439256109855042886691596332",
                "275480722593031554525184112037389671349",
                "201906997703988881664001197585905877796"
            ],
            "threshold": 0.9
        },
        "deprecated": false,
        "id": "CVE-2022-29181-5742102c",
        "signature_type": "Line",
        "target": {
            "file": "ext/nokogiri/html4_sax_parser_context.c"
        }
    },
    {
        "source": "https://github.com/sparklemotion/nokogiri/commit/83cc451c3f29df397caa890afc3b714eae6ab8f7",
        "signature_version": "v1",
        "digest": {
            "length": 262.0,
            "function_hash": "205531008590026051851218986025663118423"
        },
        "deprecated": false,
        "id": "CVE-2022-29181-5e3cf5a8",
        "signature_type": "Function",
        "target": {
            "file": "ext/java/nokogiri/internals/ParserContext.java",
            "function": "setIOInputSource"
        }
    },
    {
        "source": "https://github.com/sparklemotion/nokogiri/commit/83cc451c3f29df397caa890afc3b714eae6ab8f7",
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "301974088387910415895165297468897494853",
                "262078244075390359928913097953673686959",
                "332161118915953394321811625135653679747",
                "37485012236067294588749722995528365636",
                "235067727987673492805409627799828865989"
            ],
            "threshold": 0.9
        },
        "deprecated": false,
        "id": "CVE-2022-29181-8565521e",
        "signature_type": "Line",
        "target": {
            "file": "ext/java/nokogiri/XmlSaxParserContext.java"
        }
    },
    {
        "source": "https://github.com/sparklemotion/nokogiri/commit/83cc451c3f29df397caa890afc3b714eae6ab8f7",
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "331368784099517581934682078160424571708",
                "102024338053281508170680113564003959162",
                "339844541191640777103824805018317601737",
                "201412992390040745034561854691694232729",
                "331368784099517581934682078160424571708",
                "102024338053281508170680113564003959162",
                "33723629034192463124448976271557698700",
                "279827863847969284732147331499160204438"
            ],
            "threshold": 0.9
        },
        "deprecated": false,
        "id": "CVE-2022-29181-91597b4f",
        "signature_type": "Line",
        "target": {
            "file": "ext/java/nokogiri/Html4SaxParserContext.java"
        }
    },
    {
        "source": "https://github.com/sparklemotion/nokogiri/commit/83cc451c3f29df397caa890afc3b714eae6ab8f7",
        "signature_version": "v1",
        "digest": {
            "length": 440.0,
            "function_hash": "156700175685575345307480125041260173150"
        },
        "deprecated": false,
        "id": "CVE-2022-29181-a4320415",
        "signature_type": "Function",
        "target": {
            "file": "ext/nokogiri/xml_sax_parser_context.c",
            "function": "parse_memory"
        }
    },
    {
        "source": "https://github.com/sparklemotion/nokogiri/commit/db05ba9a1bd4b90aa6c76742cf6102a7c7297267",
        "signature_version": "v1",
        "digest": {
            "length": 356.0,
            "function_hash": "294968138415222748329321953319310436323"
        },
        "deprecated": false,
        "id": "CVE-2022-29181-adbe964b",
        "signature_type": "Function",
        "target": {
            "file": "ext/nokogiri/xml_sax_parser_context.c",
            "function": "parse_io"
        }
    },
    {
        "source": "https://github.com/sparklemotion/nokogiri/commit/db05ba9a1bd4b90aa6c76742cf6102a7c7297267",
        "signature_version": "v1",
        "digest": {
            "length": 715.0,
            "function_hash": "127238979648815204612396819651147529331"
        },
        "deprecated": false,
        "id": "CVE-2022-29181-b0040838",
        "signature_type": "Function",
        "target": {
            "file": "ext/nokogiri/html4_sax_parser_context.c",
            "function": "parse_memory"
        }
    },
    {
        "source": "https://github.com/sparklemotion/nokogiri/commit/db05ba9a1bd4b90aa6c76742cf6102a7c7297267",
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "331368784099517581934682078160424571708",
                "102024338053281508170680113564003959162",
                "339844541191640777103824805018317601737",
                "201412992390040745034561854691694232729",
                "331368784099517581934682078160424571708",
                "102024338053281508170680113564003959162",
                "33723629034192463124448976271557698700",
                "279827863847969284732147331499160204438"
            ],
            "threshold": 0.9
        },
        "deprecated": false,
        "id": "CVE-2022-29181-b22c5a79",
        "signature_type": "Line",
        "target": {
            "file": "ext/java/nokogiri/Html4SaxParserContext.java"
        }
    },
    {
        "source": "https://github.com/sparklemotion/nokogiri/commit/83cc451c3f29df397caa890afc3b714eae6ab8f7",
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "251130477431979476662424461810691582938",
                "34541768503110933539975464747105694011",
                "272126993558759473010658636557092160129",
                "247119134650593912805485105462029812584",
                "200848791623806623448935133558450604572",
                "269585636492925187769830241646393940632",
                "130546992641210218792316502141335517451"
            ],
            "threshold": 0.9
        },
        "deprecated": false,
        "id": "CVE-2022-29181-b3184692",
        "signature_type": "Line",
        "target": {
            "file": "ext/java/nokogiri/internals/ParserContext.java"
        }
    },
    {
        "source": "https://github.com/sparklemotion/nokogiri/commit/db05ba9a1bd4b90aa6c76742cf6102a7c7297267",
        "signature_version": "v1",
        "digest": {
            "length": 297.0,
            "function_hash": "267902176412199800154903533136942249800"
        },
        "deprecated": false,
        "id": "CVE-2022-29181-b9900a3e",
        "signature_type": "Function",
        "target": {
            "file": "ext/java/nokogiri/Html4SaxParserContext.java",
            "function": "parse_file"
        }
    },
    {
        "source": "https://github.com/sparklemotion/nokogiri/commit/db05ba9a1bd4b90aa6c76742cf6102a7c7297267",
        "signature_version": "v1",
        "digest": {
            "length": 262.0,
            "function_hash": "205531008590026051851218986025663118423"
        },
        "deprecated": false,
        "id": "CVE-2022-29181-d37b0a02",
        "signature_type": "Function",
        "target": {
            "file": "ext/java/nokogiri/internals/ParserContext.java",
            "function": "setIOInputSource"
        }
    },
    {
        "source": "https://github.com/sparklemotion/nokogiri/commit/83cc451c3f29df397caa890afc3b714eae6ab8f7",
        "signature_version": "v1",
        "digest": {
            "length": 251.0,
            "function_hash": "212191781225457695491386033688224906340"
        },
        "deprecated": false,
        "id": "CVE-2022-29181-dcda49d2",
        "signature_type": "Function",
        "target": {
            "file": "ext/java/nokogiri/XmlSaxParserContext.java",
            "function": "parse_io"
        }
    },
    {
        "source": "https://github.com/sparklemotion/nokogiri/commit/db05ba9a1bd4b90aa6c76742cf6102a7c7297267",
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "32660667544791835419492192119628462419",
                "107509837605578032575666489903065846394",
                "82339482050122467544479565850719152695",
                "35316597750796945202672617103511275162",
                "64023981287457464679046336078146686527",
                "70256715334098376590202143321581670244",
                "307505881030890224483924028945227594477",
                "153908013770662347021857042754056368166",
                "69279590166439256109855042886691596332",
                "275480722593031554525184112037389671349",
                "201906997703988881664001197585905877796",
                "285155501316326881376048425303443337705",
                "322197686736064847564962717883962289003"
            ],
            "threshold": 0.9
        },
        "deprecated": false,
        "id": "CVE-2022-29181-e7a9b689",
        "signature_type": "Line",
        "target": {
            "file": "ext/nokogiri/xml_sax_parser_context.c"
        }
    }
]