CVE-2013-6460 (nokogiri): CVE-2013-6460 rubygem-nokogiri: DoS while parsing XML documents

December 14th, 2013

ADVISORIES

GEM

PLATFORM

SEVERITY

CVSS v3.x: 6.5 (Medium)

CVSS v2.0: 4.3 (Medium)

PATCHED VERSIONS

~> 1.5.11
>= 1.6.1

DESCRIPTION

Nokogiri gem 1.5.x has Denial of Service via infinite loop when parsing XML documents