Nokogiri · Nokogiri · CVE-2022-24836
**Name of the Vulnerable Software and Affected Versions**
Nokogiri versions prior to 1.13.4
**Description**
The issue is related to an inefficient regular expression in the Nokogiri library, which can lead to excessive backtracking when detecting encoding in HTML documents. This can be exploited by a remote attacker to cause a denial of service. There are no known workarounds for this issue.
**Recommendations**
Upgrade to Nokogiri version 1.13.4 or later to resolve the issue. As a temporary workaround, consider restricting the use of the vulnerable regular expression function until a patch is available.