CVE-2022-29181
Improper Handling of Unexpected Data Type in Nokogiri
In short
Nokogiri, a popular Ruby library for processing XML and HTML, fails to properly validate input types before parsing. This allows attackers to send specially crafted data that can crash the application or leak sensitive information from memory.
Technical detail
CVE-2022-29181 stems from insufficient type-checking of inputs to Nokogiri's XML and HTML4 SAX parsers. Untrusted input of an unexpected type can cause out-of-bounds memory access, segmentation faults, or information disclosure. The precondition is that the application passes user-supplied or network-sourced data to the affected parser methods without first validating its type. The impact is application denial of service and potential leakage of memory contents.
Summary generated and translated by AI from the official description.
Nokogiri is an open source XML and HTML library for Ruby. Nokogiri prior to version 1.13.6 does not type-check all inputs into the XML and HTML4 SAX parsers, allowing specially crafted untrusted inputs to cause illegal memory access errors (segfault) or reads from unrelated memory. Version 1.13.6 contains a patch for this issue. As a workaround, ensure the untrusted input is a `String` by calling `#to_s` or equivalent.
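The workaround and version boundary described above, as an added example (not code from Nokogiri or the advisory): a guard that either rejects non-`String` input or coerces it with `#to_s` before it reaches a SAX parser, plus a check against the fixed release. The names `sax_input` and `extract_xml` and the JSON request bodies are hypothetical and constructed for illustration.

```ruby
require "json"
require "rubygems" # provides Gem::Version

# First patched release, per the advisory text above.
FIXED_VERSION = Gem::Version.new("1.13.6")

# True when this Nokogiri version predates the fix.
def nokogiri_affected?(version)
  Gem::Version.new(version) < FIXED_VERSION
end

# Hypothetical guard: returns a String that is safe to pass to a SAX parser.
# strict: true  -> reject anything that is not already a String
# strict: false -> apply the advisory's workaround and coerce with #to_s
def sax_input(value, strict: true)
  return value if value.is_a?(String)
  raise TypeError, "SAX input must be a String, got #{value.class}" if strict
  value.to_s
end

# Hypothetical handler: a JSON field is untrusted in type as well as content,
# because JSON.parse can return Integer, nil, Array or Hash for it.
def extract_xml(json_body, strict: true)
  sax_input(JSON.parse(json_body)["xml"], strict: strict)
end

# With Nokogiri loaded, the guarded value is what reaches the parser:
#   Nokogiri::XML::SAX::Parser.new(handler).parse_memory(extract_xml(body))

if __FILE__ == $PROGRAM_NAME
  # Constructed request bodies, not captured traffic.
  ['{"xml": "<a/>"}', '{"xml": 12345}', '{"xml": null}'].each do |body|
    begin
      puts "accepted: #{extract_xml(body).inspect}"
    rescue TypeError => e
      puts "rejected: #{e.message}"
    end
  end
end
```

Strict mode is the better default at a trust boundary, since a wrong type usually signals a malformed or hostile request; the `#to_s` path mirrors the advisory's workaround for code that cannot reject input outright.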
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
Affected products
sparklemotion · nokogiri
References
http://seclists.org/fulldisclosure/2022/Dec/23
https://github.com/sparklemotion/nokogiri/commit/83cc451c3f29df397caa890afc3b714eae6ab8f7
https://github.com/sparklemotion/nokogiri/commit/db05ba9a1bd4b90aa6c76742cf6102a7c7297267
https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.6
https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-xh29-r2w5-wx8m
https://security.gentoo.org/glsa/202208-29
https://securitylab.github.com/advisories/GHSL-2022-031_GHSL-2022-032_Nokogiri
https://securitylab.github.com/advisories/GHSL-2022-031_GHSL-2022-032_Nokogiri/
https://support.apple.com/kb/HT213532