This repository was archived by the owner on Feb 14, 2024. It is now read-only.
This repository was archived by the owner on Feb 14, 2024. It is now read-only.
Uninitialized read in Nokogiri gem #28
Description
Description
In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte on the stack contains the characters A, a, I, i, or 0, or any other character.
Informations
Manifest Path: Gemfile.lock
Please look at dependabot report: https://github.com/swipely/bubz/security/dependabot/108