CRITICAL 9.8 RubyGems
Nokogiri does not forbid namespace nodes in XPointer ranges
GHSA-fr52-4hqw-p27f · CVE-2016-4658
Published · Modified
Description
xpointer.c in libxml2 before 2.9.5 (as used in nokogiri before 1.7.1 amongst other products) does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and memory corruption) via a crafted XML document.
References
- ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2016-4658
- WEB https://git.gnome.org/browse/libxml2/commit/?id=c1d1f7121194036608bf555f08d3062a36fd344b
- WEB https://security.gentoo.org/glsa/201701-37
- WEB https://support.apple.com/HT207141
- WEB https://support.apple.com/HT207142
- WEB https://support.apple.com/HT207143
- WEB https://support.apple.com/HT207170
- WEB http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html
- WEB http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html
- WEB http://lists.apple.com/archives/security-announce/2016/Sep/msg00010.html
- WEB http://lists.apple.com/archives/security-announce/2016/Sep/msg00011.html
Ready to move
Start Securing
Free, no credit card | First findings in minutes