8000 Out-of-bounds read in nokogiri · Issue #4 · swipely/reinvent-demo · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content
This repository was archived by the owner on Feb 14, 2024. It is now read-only.

Out-of-bounds read in nokogiri #4

Open
sniffler-app bot opened this issue Apr 15, 2023 · 0 comments
Open

Out-of-bounds read in nokogiri #4

sniffler-app bot opened this issue Apr 15, 2023 · 0 comments
Assignees
@ls-barnaby-claydon
Labels
dependabot high security

Comments

@sniffler-app
Copy link
sniffler-app bot commented Apr 15, 2023

Description

libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictAddString function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for CVE-2016-1839. GitHub is notifying on nokogiri as uses libxml2.

Informations

Manifest Path: Gemfile.lock

Please look at dependabot report :https://github.com/swipely/reinvent-demo/security/dependabot/21
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@ls-barnaby-claydon ls-barnaby-claydon

Labels
dependabot high security
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@ls-barnaby-claydon
0