RubyGems package

nokogiri

pkg:gem/nokogiri

Vulnerabilities (34)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2019-13117		—	< 1.10.5	1.10.5	Jul 1, 2019	In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte on the stack contains the characters A, a, I, i, or 0, or any other character.
CVE-2019-11068		—	< 1.10.3	1.10.3	Apr 10, 2019	libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded.
CVE-2017-15412		—	< 1.8.2	1.8.2	Aug 28, 2018	Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2018-14404		—	< 1.8.5	1.8.5	Jul 19, 2018	A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2
CVE-2017-18258		—	< 1.8.2	1.8.2	Apr 8, 2018	The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file.
CVE-2018-8048		—	< 1.8.3	1.8.3	Mar 27, 2018	In the Loofah gem through 2.2.0 for Ruby, non-whitelisted HTML attributes may occur in sanitized output by republishing a crafted HTML fragment.
CVE-2017-16932	Hig	7.5	< 1.8.1	1.8.1	Nov 23, 2017	parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities.
CVE-2017-9050	Hig	7.5	< 1.8.1	1.8.1	May 18, 2017	libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictAddString function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for CVE-2016-1839.
CVE-2017-5029	Hig	8.8	< 1.7.2	1.7.2	Apr 24, 2017	The xsltAddTextString function in transform.c in libxslt 1.1.29, as used in Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android, lacked a check for integer overflow during a size calculation, which allowed a remote attacker to pe
CVE-2016-4658	Cri	9.8	< 1.7.1	1.7.1	Sep 25, 2016	xpointer.c in libxml2 before 2.9.5 (as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products) does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary code or cause a denial of servic
CVE-2015-8806	Hig	7.5	>= 1.6.0, < 1.6.8	1.6.8	Apr 13, 2016	dict.c in libxml2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via an unexpected character immediately after the "<!DOCTYPE html" substring in a crafted HTML document.
CVE-2015-7499		—	>= 1.6.0, < 1.6.7.2	1.6.7.2	Dec 15, 2015	Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors.
CVE-2015-5312		—	>= 1.6.0, < 1.6.7.1	1.6.7.1	Dec 15, 2015	The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660.
CVE-2015-1819		—	>= 1.6.6.0, < 1.6.6.4	1.6.6.4	Aug 14, 2015	The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack.

CVE-2019-13117Jul 1, 2019
affected < 1.10.5fixed 1.10.5
In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte on the stack contains the characters A, a, I, i, or 0, or any other character.
CVE-2019-11068Apr 10, 2019
affected < 1.10.3fixed 1.10.3
libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded.
CVE-2017-15412Aug 28, 2018
affected < 1.8.2fixed 1.8.2
Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2018-14404Jul 19, 2018
affected < 1.8.5fixed 1.8.5
A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2
CVE-2017-18258Apr 8, 2018
affected < 1.8.2fixed 1.8.2
The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file.
CVE-2018-8048Mar 27, 2018
affected < 1.8.3fixed 1.8.3
In the Loofah gem through 2.2.0 for Ruby, non-whitelisted HTML attributes may occur in sanitized output by republishing a crafted HTML fragment.
CVE-2017-16932HigNov 23, 2017
affected < 1.8.1fixed 1.8.1
parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities.
CVE-2017-9050HigMay 18, 2017
affected < 1.8.1fixed 1.8.1
libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictAddString function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for CVE-2016-1839.
CVE-2017-5029HigApr 24, 2017
affected < 1.7.2fixed 1.7.2
The xsltAddTextString function in transform.c in libxslt 1.1.29, as used in Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android, lacked a check for integer overflow during a size calculation, which allowed a remote attacker to pe
CVE-2016-4658CriSep 25, 2016
affected < 1.7.1fixed 1.7.1
xpointer.c in libxml2 before 2.9.5 (as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products) does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary code or cause a denial of servic
CVE-2015-8806HigApr 13, 2016
affected >= 1.6.0, < 1.6.8fixed 1.6.8
dict.c in libxml2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via an unexpected character immediately after the "<!DOCTYPE html" substring in a crafted HTML document.
CVE-2015-7499Dec 15, 2015
affected >= 1.6.0, < 1.6.7.2fixed 1.6.7.2
Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors.
CVE-2015-5312Dec 15, 2015
affected >= 1.6.0, < 1.6.7.1fixed 1.6.7.1
The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660.
CVE-2015-1819Aug 14, 2015
affected >= 1.6.6.0, < 1.6.6.4fixed 1.6.6.4
The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack.

Page 2 of 2