Nokogiri v1.16.5 upgrades its dependency libxml2 to 2.12.7 from 2.12.6.
libxml2 v2.12.7 addresses CVE-2024-34459:
There is no impact to Nokogiri users because the issue is present only in libxml2's xmllint
tool which Nokogiri does not provide or expose.
{ "nvd_published_at": null, "cwe_ids": [ "CWE-120" ], "severity": "LOW", "github_reviewed": true, "github_reviewed_at": "2024-05-13T16:05:42Z" }