Fix Nokogiri version for CVE-2022-23308 (!20073) · Merge requests · GitLab.org / security-products / advisory-database

Eddie Lebow requested to merge elebow/gemnasium-db:nokogiri-CVE-2022-23308-version into master Nov 11, 2022

CVE-2022-23308 deals with the libxml2 vendored in Nokogiri. The versions in Gemnasium are the libxml2 versions, but they should be the Nokogiri versions.

See the linked Nokogiri release notes at https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.2.

Fix Nokogiri version for CVE-2022-23308

Merge request reports