CVE-2012-6685 (nokogiri): CVE-2012-6685 rubygem-nokogiri: XML eXternal Entity (XXE) flaw

June 8th, 2012

CVE-2012-6685 rubygem-nokogiri: XML eXternal Entity (XXE) flaw

Published: June 08, 2012

SECURITY IDENTIFIERS

CVE: CVE-2012-6685 (NVD)
GHSA: GHSA-6wj9-77wq-jq7p
OSVDB: OSVDB-90946

GEM

SEVERITY

CVSS v3.x: 7.5 (High)

CVSS v2.0: 5.0 (Medium)

PATCHED VERSIONS

>= 1.5.4

DESCRIPTION

Nokogiri before 1.5.4 is vulnerable to XXE attacks