RubySec

Providing security resources for the Ruby community

OSVDB-118481 (nokogiri): Nokogiri Gem for JRuby XML Document Root Element Handling Memory Consumption Remote DoS

ADVISORIES

GEM

nokogiri

PATCHED VERSIONS

  • >= 1.6.3

DESCRIPTION

Nokogiri Gem for JRuby contains a flaw that is triggered when handling a root element in an XML document. This may allow a remote attacker to cause a consumption of memory resources.