-
-
Notifications
You must be signed in to change notification settings - Fork 236
Expand file tree
/
Copy pathCVE-2017-15412.yml
More file actions
24 lines (23 loc) · 781 Bytes
/
Copy pathCVE-2017-15412.yml
File metadata and controls
24 lines (23 loc) · 781 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
---
gem: nokogiri
cve: 2017-15412
ghsa: r58r-74gx-6wx3
url: https://github.com/sparklemotion/nokogiri/issues/1714
title: Nokogiri gem, via libxml, is affected by DoS vulnerabilities
date: 2018-01-29
description: |
The version of libxml2 packaged with Nokogiri contains a
vulnerability. Nokogiri has mitigated these issue by upgrading to
libxml 2.9.6.
It was discovered that libxml2 incorrecty handled certain files. An attacker
could use this issue with specially constructed XML data to cause libxml2 to
consume resources, leading to a denial of service.
cvss_v3: 8.8
patched_versions:
- ">= 1.8.2"
related:
cve:
- 2017-18258
url:
- https://usn.ubuntu.com/usn/usn-3513-1/
- https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-15412.html