CVE-2025-6490 – Nokogiri Heap-Based Buffer Overflow Vulnerability

June 22, 2025

CVE ID : CVE-2025-6490

Published : June 22, 2025, 7:15 p.m. | 5 hours, 39 minutes ago

Description : A vulnerability was found in sparklemotion nokogiri up to 1.18.7 and classified as problematic. This issue affects the function hashmap_set_with_hash of the file gumbo-parser/src/hashmap.c. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.

Severity: 3.3 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-6492 – MarkText Regular Expression Complexity Remote Vulnerability

Next Article CVE-2025-6489 – iSourcecode Agri-Trading Online Shopping System SQL Injection Vulnerability

This week in AI dev tools: Gemini 2.5 Pro and Flash GA, GitHub Copilot Spaces, and more (June 20, 2025)

Gemini 2.5 Pro and Flash are generally available and Gemini 2.5 Flash-Lite preview is announced

CSS Cascade Layers Vs. BEM Vs. Utility Classes: Specificity Control

IBM launches new integration to help unify AI security and governance

I used Lenovo’s latest dual-screen OLED laptop for a month and it wouldn’t be my first choice — here’s why

Here’s how I fixed a dead Steam Deck screen — with Valve proving they still have the best customer service in gaming

Borderlands 4 drops stunning new story trailer

DistroWatch Weekly, Issue 1127

Exploring Lakebase: Databricks’ Next-Gen AI-Native OLTP Database

Exploring Lakebase: Databricks’ Next-Gen AI-Native OLTP Database

Understanding JavaScript Promise

Lakeflow: Revolutionizing SCD2 Pipelines with Change Data Capture (CDC)

I used Lenovo’s latest dual-screen OLED laptop for a month and it wouldn’t be my first choice — here’s why

I used Lenovo’s latest dual-screen OLED laptop for a month and it wouldn’t be my first choice — here’s why

Here’s how I fixed a dead Steam Deck screen — with Valve proving they still have the best customer service in gaming

Borderlands 4 drops stunning new story trailer

CVE-2025-6490 – Nokogiri Heap-Based Buffer Overflow Vulnerability

CVE-2025-6478 – CodeAstro Expense Management System CSRF

CVE-2025-6479 – Simple Pizza Ordering System SQL Injection

After ads, Microsoft Copilot on Android is testing “MSN feed” to make some money

CVE-2025-5546 – PHPGurukul Daily Expense Tracker System SQL Injection Vulnerability

Which AI model should I use with GitHub Copilot?

Multimodal AI poses new safety risks, creates CSEM and weapons info

Europol Dismantles Kidflix With 72,000 CSAM Videos Seized in Major Operation

Lingmo OS – modern Linux distribution based on Debian

CVE-2025-4795 – Gongfuxiang SchoolCMS SQL Injection Vulnerability

CVE-2025-48125 – WP Event Manager PHP Remote File Inclusion Vulnerability

CVE-2025-6490 – Nokogiri Heap-Based Buffer Overflow Vulnerability

Related Posts