libxmljs@0.5.4 vulnerabilities
libxml bindings for v8 javascript engine
-
latest version
1.0.11
-
first published
13 years ago
-
latest version published
a year ago
-
licenses detected
- >=0
Direct Vulnerabilities
Known vulnerabilities in the libxmljs package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
libxmljs is a libxml bindings for v8 javascript engine Affected versions of this package are vulnerable to Type Confusion when parsing a specially crafted XML while invoking the namespaces() function, which invokes How to fix Type Confusion? There is no fixed version for |
*
|
libxmljs is a libxml bindings for v8 javascript engine Affected versions of this package are vulnerable to Remote Code Execution (RCE) when parsing a specially crafted XML while invoking a function on the result of How to fix Remote Code Execution (RCE)? There is no fixed version for |
*
|
libxmljs is a libxml bindings for v8 javascript engine Affected versions of this package are vulnerable to Denial of Service (DoS). When invoking the PoC:
How to fix Denial of Service (DoS)? Upgrade |
<0.19.8
|
nokogiri is an HTML, XML, SAX, and Reader parser, with the ability to search documents via XPath or CSS3 selectors. Affected versions of this Gem are vulnerable to both Memory Exhaustion and Sensitive Information Exposure. |
<0.17.0
|