Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:3746
HistoryMar 23, 2017 - 1:10 a.m.

Copy-Paste Vulnerability (CPV) Through Libxml2

2017-03-2301:10:27
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
14

EPSS

0.106

Percentile

95.0%

nokogiri has a copied version of the libxml2 library. The copy that nokogiri includes is vulnerable to the following issues: 1. CVE-2016-4658 - Use after free vulnerability via the namespace nodes in XPointer 2. CVE-2016-5131 - Use-after-free vulnerability via the XPointer range-to function.