Out-of-bounds Read in Sparklemotion Nokogiri
CVE-2026-57235
Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri::XML::NodeSet#[] (and its alias #slice) checked the requested index against the node set's bounds using a 32-bit-truncated copy of…
Vulnerability class: Buffer Overflow
Affected products
- Sparklemotion Nokogiri — versions < 1.19.4
Weakness classification (CWE)
References
- security-advisories@github.com (x_refsource_CONFIRM)