LOW - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
LOW 3.3	CVE-2026-57588	SQL Injection in Nessus via Malicious Scan Result File Import_CVE-2026-57588 A SQL injection vulnerability in Nessus allows an attacker to craft a malicious scan result file that, when imported by a privileged user, injects ...	tenable	Nessus	Jun 25, 2026	CVE
LOW 2.1	CVE-2026-57535	CVE-2026-57535_CVE-2026-57535 Content injected to PDF rendering contexts could, in many places, include HTML content including tags. If the src attribute of these images point...	pretix	pretix	Jun 25, 2026	CVE
LOW 2.1	CVE-2026-57534	Stored XSS in pretix-pages_CVE-2026-57534 Malicious HTML content could be injected into the content of a page in the pretix-pages plugin.	pretix	pretix-pages	Jun 25, 2026	CVE
LOW 2.1	CVE-2026-57533	CVE-2026-57533_CVE-2026-57533 Malicious HTML content could be injected into the page pretix shows when redirection to an untrusted page occurs. Since this page has a Content-S...	pretix	pretix	Jun 25, 2026	CVE
LOW 1.7	CVE-2026-57437	Nokogiri: Possible Use-After-Free when directly using `NokogirI::XML::XPathContext` beyond document lifetime_CVE-2026-57437 Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri::XML::XPathContext did not keep its so...	sparklemotion	nokogiri < 1.19.4	Jun 25, 2026	CVE
LOW 1.7	CVE-2026-57436	Nokogiri: Possible Use-After-Free when setting `Document#root=` to an invalid node type_CVE-2026-57436 Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri::XML::Document#root= validated only th...	sparklemotion	nokogiri < 1.19.4	Jun 25, 2026	CVE
LOW 1.7	CVE-2026-57435	Nokogiri: Possible Use-After-Free when setting an attribute value via `Nokogiri::XML::Attr#value=` or `#content=`_CVE-2026-57435 Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri’s CRuby native extension could leave a...	sparklemotion	nokogiri < 1.19.4	Jun 25, 2026	CVE
LOW 1.7	CVE-2026-57434	Nokogiri: Null Pointer Dereference calling methods on uninitialized wrapper classes_CVE-2026-57434 Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri contains a bug when calling certain me...	sparklemotion	nokogiri < 1.19.4	Jun 25, 2026	CVE
LOW 1.7	CVE-2026-57236	Nokogiri: Possible Use-After-Free when `Nokogiri::XML::Document#encoding=` raises an exception_CVE-2026-57236 Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, calling Document#encoding= with an invalid enco...	sparklemotion	nokogiri < 1.19.4	Jun 25, 2026	CVE
LOW 2.6	CVE-2026-57234	Nokogiri: XML::Schema on JRuby allows network requests when NONET is set, bypassing CVE-2020-26247_CVE-2026-57234 Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, the NONET parse option, which Nokogiri turns on...	sparklemotion	nokogiri < 1.19.4	Jun 25, 2026	CVE