---
gem: nokogiri
cve: 2013-6460
osvdb: 101179
url: http://www.osvdb.org/show/osvdb/101179
title: Nokogiri Gem for JRuby Crafted XML Document Handling Infinite Loop Remote DoS
date: 2013-12-14
description: Nokogiri Gem for JRuby contains a flaw that may allow a remote denial of service. The issue is triggered when handling a specially crafted XML document, which can result in an infinite loop. This may allow a context-dependent attacker to crash the server.
cvss_v2:
patched_versions: 
  - ~> 1.5.11
  - ">= 1.6.1"