View all vulnerabilities

CVE-2017-15412

Nokogiri gem, via libxml, is affected by DoS vulnerabilities

Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Patch Available

Fix available through Seal Security. No upgrade required, protect your application instantly.

Fix without upgrading
Vulnerability Details
Score
8.7
Score Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Versions
nokogiri < 1.8.2
Severity
High
Ecosystem
Publish Date
May 13, 2022
Modified Date
February 16, 2024