RubySec

Providing security resources for the Ruby community

CVE-2013-6461 (nokogiri): CVE-2013-6461 rubygem-nokogiri: DoS while parsing XML entities

ADVISORIES

GEM

nokogiri

PATCHED VERSIONS

  • ~> 1.5.11
  • >= 1.6.1

DESCRIPTION

Nokogiri gem 1.5.x and 1.6.x has DoS while parsing XML entities by failing to apply limits

Contact us @rubysec or open an issue on our GitHub repository.

Recent Advisories