GHSA-p67v-3w7g-wjg7: Nokogiri: Possible Use-After-Free when directly using `NokogirI::XML::XPathContext` beyond document lifetime
Nokogiri::XML::XPathContext did not keep its source document alive for garbage collection. If an XPathContext outlived its document and the document was collected, evaluating an XPath expression could read invalid memory and potentially segfault.
This is only reachable when application code constructs an XPathContext directly and lets the document become unreachable while continuing to use the context. The normal Document#xpath, #css, and related search methods are not affected, and it is not triggerable by malicious document input.
Nokogiri 1.19.4 makes XPathContext keep its source document alive for as long as the context exists.
Only the CRuby implementation is affected. JRuby is not affected.
References
Code Behaviors & Features
Detect and mitigate GHSA-p67v-3w7g-wjg7 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →