Whoops, I couldn't find that page - RubySec

You may want to try a search above, or [visit the homepage](/). Also, here are some recent posts:

Jun 19

GHSA-wjv4-x9w8-wm3h (nokogiri): Nokogiri: Possible Use-After-Free when setting `Document#root=` to an invalid node type

posted in •

Jun 19

GHSA-wfpw-mmfh-qq69 (nokogiri): Nokogiri: Possible Use-After-Free in XInclude Processing

posted in •

Jun 19

GHSA-phwj-rprq-35pp (nokogiri): Nokogiri: Possible Use-After-Free when setting an attribute value via `Nokogiri::XML::Attr#value=` or `#content=`

posted in •

Jun 19

GHSA-p67v-3w7g-wjg7 (nokogiri): Nokogiri: Possible Use-After-Free when directly using `NokogirI::XML::XPathContext` beyond document lifetime

posted in •

Jun 19

GHSA-mqq5-j7w8-2hgh (alchemy_cms): AlchemyCMS - Unauthenticated nested page API leaks restricted and unpublished content

posted in •

Jun 19

GHSA-9cv2-cfxc-v4v2 (nokogiri): Nokogiri: Null Pointer Dereference calling methods on uninitialized wrapper classes

posted in •

Jun 19

GHSA-8678-w3jw-xfc2 (nokogiri): Nokogiri: XML::Schema on JRuby allows network requests when NONET is set, bypassing CVE-2020-26247

posted in •

Jun 19

GHSA-5v8h-3h3q-446p (nokogiri): Nokogiri: Possible Use-After-Free when `Nokogiri::XML::Document#encoding=` raises an exception

posted in •

Jun 19

GHSA-5prr-v3j2-97mh (nokogiri): Nokogiri: Possible Out-of-Bounds Read in `Nokogiri::XML::NodeSet#[]`

posted in •

Jun 19

CVE-2026-54297 (faraday): Faraday - Uncontrolled recursion in NestedParamsEncoder allows stack exhaustion DoS via deeply nested query parameters

posted in •