CVE-2013-6460

🗓️ 05 Nov 2019 14:02:54Reported by redhatType

Nokogiri gem 1.5.x DoS via infinite loop when parsing XM

Reporter	Title	Published	Views	Family All 11
Circl	CVE-2013-6460	4 Feb 202408:37	–	circl
Cvelist	CVE-2013-6460	5 Nov 201914:02	–	cvelist
Debian CVE	CVE-2013-6460	5 Nov 201914:02	–	debiancve
EUVD	EUVD-2022-2692	3 Oct 202520:07	–	euvd
Github Security Blog	Nokogiri vulnerable to DoS while parsing XML documents	5 May 202200:29	–	github
NVD	CVE-2013-6460	5 Nov 201915:15	–	nvd
OSV	GHSA-62QP-3FXM-9WXF Nokogiri vulnerable to DoS while parsing XML documents	5 May 202200:29	–	osv
Prion	Denial of service	5 Nov 201915:15	–	prion
RubySec	CVE-2013-6460 rubygem-nokogiri: DoS while parsing XML documents	14 Dec 201300:00	–	rubygems
SUSE CVE	SUSE CVE-2013-6460	15 Feb 202305:34	–	susecve

NVD

Vulners

Node

nokogiri nokogiriRange1.5.0–1.5.11

nokogiri nokogiriRange1.6.0–1.6.1

Node

debian debian_linuxMatch8.0

debian debian_linuxMatch9.0

debian debian_linuxMatch10.0

Node

redhat cloudforms_management_engineMatch5.0

redhat openstackMatch3.0

redhat openstackMatch4.0

redhat satelliteMatch6.0

redhat subscription_asset_managerMatch-

redhat enterprise_mrgMatch2.0

[
  {
    "product": "Nokogiri gem",
    "vendor": "Ruby",
    "versions": [
      {
        "status": "affected",
        "version": "1.5.x"
      },
      {
        "status": "affected",
        "version": "1.6.x"
      }
    ]
  }
]

Source	Link
security-tracker	www.security-tracker.debian.org/tracker/CVE-2013-6460
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
openwall	www.openwall.com/lists/oss-security/2013/12/27/2
bugzilla	www.bugzilla.suse.com/show_bug.cgi
securityfocus	www.securityfocus.com/bid/64513
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/90058
access	www.access.redhat.com/security/cve/cve-2013-6460

21 Nov 2024 01:59Current

6.4Medium risk

Vulners AI Score6.4

CVSS 24.3

CVSS 3.16.5

EPSS0.02521

CWE-776