Skip to content
This repository has been archived by the owner on Feb 14, 2024. It is now read-only.

Uninitialized read in Nokogiri gem #10

Open
sniffler-app bot opened this issue Jun 9, 2023 · 0 comments
Open

Uninitialized read in Nokogiri gem #10

sniffler-app bot opened this issue Jun 9, 2023 · 0 comments

Comments

@sniffler-app
Copy link

sniffler-app bot commented Jun 9, 2023

Description

In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte on the stack contains the characters A, a, I, i, or 0, or any other character.

Informations

Manifest Path: Gemfile.lock

Please look at dependabot report: https://github.com/swipely/reinvent-demo/security/dependabot/32

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Development

No branches or pull requests

0 participants