RubySec

Providing security resources for the Ruby community

CVE-2019-18197 (nokogiri): Nokogiri affected by libxslt Use of Uninitialized Resource/ Use After Free vulnerability

ADVISORIES

GEM

nokogiri

SEVERITY

CVSS v3.x: 7.5 (High)

CVSS v2.0: 5.1 (Medium)

PATCHED VERSIONS

  • >= 1.10.5

DESCRIPTION

In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be written to, or uninitialized data could be disclosed.

Nokogiri prior to version 1.10.5 contains a vulnerable version of libxslt. Nokogiri version 1.10.5 upgrades the dependency to libxslt 1.1.34, which contains a patch for this issue.

RELATED