Lucene search

K
rubygemsRubySecRUBY:NOKOGIRI-2020-7595
HistoryFeb 11, 2020 - 9:00 p.m.

libxml2 2.9.10 has an infinite loop in a certain end-of-file situation

2020-02-1121:00:00
RubySec
rubysec.com
20

Nokogiri has backported the patch for CVE-2020-7595 into its vendored version
of libxml2, and released this as v1.10.8

CVE-2020-7595 has not yet been addressed in an upstream libxml2 release, and
so Nokogiri versions <= v1.10.7 are vulnerable.

CPENameOperatorVersion
nokogirilt1.10.8
Related for RUBY:NOKOGIRI-2020-7595