
Commit 57f53c0

jasnow authored and RubySec CI committed
Updated advisory posts against rubysec/ruby-advisory-db@fbe19bf
1 parent 55442c5 commit 57f53c0

1 file changed

Lines changed: 55 additions & 0 deletions

@@ -0,0 +1,55 @@
1+
---
2+
layout: advisory
3+
title: 'GHSA-g9g8-vgvw-g3vf (nokogiri): Possible invalid memory read when calling
4+
`Nokogiri::XML::Node#initialize_copy_with_args` with incorrect argument type'
5+
comments: false
6+
categories:
7+
- nokogiri
8+
advisory:
9+
gem: nokogiri
10+
ghsa: g9g8-vgvw-g3vf
11+
url: https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-g9g8-vgvw-g3vf
12+
title: Possible invalid memory read when calling `Nokogiri::XML::Node#initialize_copy_with_args`
13+
with incorrect argument type
14+
date: 2026-06-19
15+
description: |-
16+
## Summary
17+
18+
The protected copy helper behind Node#dup and #clone unwrapped its
19+
source argument as an xmlNode without a type check.
20+
Supplying a non-Node (e.g. a Namespace) made it read an xmlNs
21+
out of bounds, crashing the process.
22+
23+
Nokogiri 1.19.4 performs a type check and raises TypeError when an
24+
argument of invalid type is passed.
25+
26+
Only CRuby is affected. JRuby is not affected.
27+
28+
## Severity
29+
30+
The Nokogiri maintainers have evaluated this as low severity.
31+
This is only triggered by a programming error. It requires application
32+
code to call the protected internal initialize_copy_with_args method
33+
with an argument that is not a Nokogiri::XML::Node.
34+
Nokogiri 1.19.4 now raises TypeError instead of reading out of bounds.
35+
It cannot be triggered by untrusted input or through normal use of
36+
the public API.
37+
38+
## Mitigation
39+
40+
Upgrade to Nokogiri 1.19.4 or later. There is no workaround.
41+
42+
## Credit
43+
44+
This issue was responsibly reported by Zheng Yu from depthfirst.com.
45+
patched_versions:
46+
- ">= 1.19.4"
47+
related:
48+
url:
49+
- https://rubygems.org/gems/nokogiri/versions/1.19.4
50+
- https://github.com/sparklemotion/nokogiri/releases/tag/v1.19.4
51+
- https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-g9g8-vgvw-g3vf
52+
notes: |
53+
- no CVE number
54+
- No [cvss_v2, cvss_v3, cvss_v4] on GHSA file
55+
---
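Review bot: the advisory gives only `patched_versions: [">= 1.19.4"]` and no `unaffected_versions`, so every nokogiri release before 1.19.4 is reported as vulnerable; if the `Nokogiri::XML::Node#initialize_copy_with_args` helper described in the summary only exists from a particular release onward, an `unaffected_versions` entry for the earlier releases would keep audit tooling from flagging versions that never contained the code. Two smaller points: the `related.url` list repeats the GHSA link already given in `url:`, which can be dropped as a duplicate, and the description's "Only CRuby is affected. JRuby is not affected." is currently prose only, so readers scanning the structured fields will not see the platform restriction.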
