Description
Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri’s CRuby native extension could leave a Ruby wrapper pointing to freed memory when the value of an XML attribute was replaced. If Ruby code had already accessed an attribute’s child node (so a Ruby wrapper for that node existed), Nokogiri::XML::Attr#value= could free the underlying native child node while the wrapper remained reachable through the document’s node cache. A later use of the freed child node, or a Ruby GC mark of the stale wrapper, could dereference an invalid pointer, causing an invalid read and a possible segfault. This vulnerability is fixed in 1.19.4.
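The following Ruby script is an added example, not code from the advisory or from the Nokogiri project. It does two things a practitioner would want: it checks whether a Gemfile.lock pins a nokogiri release older than the 1.19.4 fix (the lockfile fragment is constructed here, not taken from any real project), and it exercises the sequence the advisory text describes (hold a wrapper for an attribute's child node, replace the attribute value, force a GC, touch the stale child) so the path can be tried against a given install. Only the version-check helpers run unconditionally; the exercise routine returns nil when nokogiri is not installed and can crash the process on a vulnerable build, which is the point.

```ruby
require 'rubygems'

# Version in which the advisory says the issue is fixed.
FIXED_VERSION = Gem::Version.new('1.19.4')

# Constructed sample Gemfile.lock fragment (not a real project's lockfile).
# A 4-space line is a resolved gem; 6-space lines are dependency constraints.
SAMPLE_GEMFILE_LOCK = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      nokogiri (1.18.9-x86_64-linux)
        racc (~> 1.4)
      racc (1.8.1)
      rails-html-sanitizer (1.6.0)
        nokogiri (~> 1.14)

  PLATFORMS
    x86_64-linux
LOCK

# Resolved nokogiri version in a Gemfile.lock body, or nil if nokogiri is not locked.
# Only the resolved line (4-space indent) is matched, so dependency constraints such as
# "nokogiri (~> 1.14)" are ignored; a platform suffix like "-x86_64-linux" is dropped.
def nokogiri_version_from_lock(lock_text)
  m = lock_text.match(/^ {4}nokogiri \((\d+(?:\.\d+)*)/)
  m && Gem::Version.new(m[1])
end

# True when the given version predates the fix in 1.19.4.
# Gem::Version handles multi-digit segments and prereleases correctly,
# unlike a plain string comparison.
def vulnerable?(version)
  Gem::Version.new(version.to_s) < FIXED_VERSION
end

# Version of nokogiri installed in the current RubyGems environment, or nil.
def installed_nokogiri_version
  Gem::Specification.find_by_name('nokogiri').version
rescue Gem::LoadError
  nil
end

# Exercise the sequence the advisory describes, following its text rather than
# any reproducer from the project: obtain a Ruby wrapper for an attribute's text
# child, replace the attribute value, then force a GC and use the old child.
# On Nokogiri < 1.19.4 this may read freed memory or segfault; on 1.19.4+ it is benign.
# Returns nil when nokogiri cannot be loaded.
def exercise_attr_value_replacement
  require 'nokogiri'
  doc   = Nokogiri::XML('<root a="old"/>')
  attr  = doc.root.attribute('a')
  child = attr.children.first  # wrapper for the native text child, now in the node cache
  attr.value = 'new'           # vulnerable versions free the native child here
  GC.start                     # the mark phase may dereference the stale wrapper
  [child.name, attr.value]     # child.name is the "later use" of the freed node
rescue LoadError
  nil
end

if $PROGRAM_NAME == __FILE__
  locked = nokogiri_version_from_lock(SAMPLE_GEMFILE_LOCK)
  puts "locked nokogiri #{locked}: #{vulnerable?(locked) ? 'VULNERABLE (< 1.19.4)' : 'fixed'}"
  installed = installed_nokogiri_version
  puts "installed nokogiri: #{installed || 'not installed'}"
  # Uncomment to run the advisory's sequence against the installed build:
  # p exercise_attr_value_replacement
end
```

Point `nokogiri_version_from_lock` at a real lockfile (`File.read('Gemfile.lock')`) to audit an application; the remediation is simply to bump nokogiri to 1.19.4 or later and re-resolve the bundle.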
Severity (CVSS)
| Base score | 1.7 |
|---|---|
| Severity | Low |
| Version | CVSS 4.0 |
| Vector | CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U |
| Provided by | CNA |
Weaknesses
- CWE-416: Use After Free
- CWE-825: Expired Pointer Dereference
Affected products
| Vendor | Product | Versions |
|---|---|---|
| sparklemotion | nokogiri | < 1.19.4 |
References
- https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-phwj-rprq-35pp (x_refsource_CONFIRM)
Generated from the official CVE List on 26 Jun 2026 07:05 UTC.