GMS-2015-42: Multiple vulnerabilities in libxml2, libxslt
The vendored libxml2 and libxslt libraries have multiple vulnerabilities: CVE-2015-1819 CVE-2015-7941_1 CVE-2015-7941_2 CVE-2015-7942 CVE-2015-7942-2 CVE-2015-8035 CVE-2015-7995
References
- github.com/sparklemotion/nokogiri/blob/master/CHANGELOG.rdoc
- github.com/sparklemotion/nokogiri/blob/v1.6.6.x/CHANGELOG.rdoc
- github.com/sparklemotion/nokogiri/commit/ac6106f1e641d50b27752c52b355e01d03ae8829
- github.com/sparklemotion/nokogiri/commit/ee52b7be5b47e1029af98f6b7eb6df7fc5ffd359
- groups.google.com/forum/
Code Behaviors & Features
Detect and mitigate GMS-2015-42 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →