Ruby Nokogiri Gem XML Parsing Multiple Denial of Service Vulnerabilities

Nokogiri Gem for Ruby is prone to multiple denial-of-service vulnerabilities when using JRuby.

Successful exploits may allow an attacker to cause an affected application to consume excessive amounts of memory and cause a crash, resulting in a denial-of-service condition.

Nokogiri 1.6.x versions prior to 1.6.1 and 1.5.x versions prior to 1.5.11 are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus