Sha256: d7171245d9259fc9ef2a7ccecdf0c514e6f36706b761389d8c1b9321696d043d

Contents?: true

Size: 568 Bytes

Versions: 8

Compression:

Stored size: 568 Bytes

Contents

---
gem: nokogiri
cve: 2013-6461
osvdb: 101458
url: http://www.osvdb.org/show/osvdb/101458
title: Nokogiri Gem for Ruby External Entity (XXE) Expansion Remote DoS 
date: 2013-12-14
description: Nokogiri gem for Ruby contains an flaw that is triggered during the parsing of XML data.
  The issue is due to an incorrectly configured XML parser accepting XML external entities from
  an untrusted source. By sending specially crafted XML data, a remote attacker can cause an infinite
  loop and crash the program.
cvss_v2:
patched_versions: 
  - ~> 1.5.11
  - ">= 1.6.1"

Version data entries

8 entries across 8 versions & 3 rubygems

Version Path
bundler-budit-0.6.2 data/ruby-advisory-db/gems/nokogiri/OSVDB-101458.yml
bundler-budit-0.6.1 data/ruby-advisory-db/gems/nokogiri/OSVDB-101458.yml
bundler-audit-0.6.1 data/ruby-advisory-db/gems/nokogiri/OSVDB-101458.yml
bundler-audit-0.6.0 data/ruby-advisory-db/gems/nokogiri/OSVDB-101458.yml
bundler-audit-0.5.0 data/ruby-advisory-db/gems/nokogiri/OSVDB-101458.yml
bundler-audit-0.4.0 data/ruby-advisory-db/gems/nokogiri/OSVDB-101458.yml
bundler-audit-0.3.1 data/ruby-advisory-db/gems/nokogiri/OSVDB-101458.yml
mrjoy-bundler-audit-0.3.3 data/ruby-advisory-db/gems/nokogiri/OSVDB-101458.yml