oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

2012 CVE request: XXE in nokogiri ruby gem

From: David Jorm <djorm () corp iixpeering net>
Date: Tue, 30 Dec 2014 07:01:20 +0000
Hi All


An XXE issue was reported and fixed in nokogiri, but as far as I can see no CVE ID was ever assigned. It appears a lot 
of people haven't updated their dependencies as a result, so a CVE ID would be helpful. For details, see:


https://github.com/sparklemotion/nokogiri/issues/693#issuecomment-68334768


Thanks

--

David Jorm / IIX Product Security
Previous By Date Next
Previous By Thread Next

Current thread: