CVE-2025-6490 – Nokogiri Heap-Based Buffer Overflow Vulnerability

June 22, 2025

CVE ID : CVE-2025-6490

Published : June 22, 2025, 7:15 p.m. | 5 hours, 39 minutes ago

Description : A vulnerability was found in sparklemotion nokogiri up to 1.18.7 and classified as problematic. This issue affects the function hashmap_set_with_hash of the file gumbo-parser/src/hashmap.c. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.

Severity: 3.3 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-6492 – MarkText Regular Expression Complexity Remote Vulnerability

Next Article CVE-2025-6489 – iSourcecode Agri-Trading Online Shopping System SQL Injection Vulnerability

The Power Of The Intl API: A Definitive Guide To Browser-Native Internationalization

This week in AI dev tools: GPT-5, Claude Opus 4.1, and more (August 8, 2025)

Elastic simplifies log analytics for SREs and developers with launch of Log Essentials

OpenAI launches GPT-5

5 ways business leaders can transform workplace culture – and it starts by listening

My 4 favorite image editing apps on Linux – and two are free Photoshop alternatives

How Google’s Genie 3 could change AI video – and let you build your own interactive worlds

How you’re charging your tablet is slowly killing it – 3 methods to avoid (and the right way)

Establishing Consistent Data Foundations with Laravel’s Database Population System

Establishing Consistent Data Foundations with Laravel’s Database Population System

Generate Postman Collections from Laravel Routes

This Week in Laravel: Free Laravel Idea, Laracon News, and More

Lenovo Legion Go 2 vs Legion Go — How Do These Gaming Handhelds Compare Based on Rumored Specs?

Lenovo Legion Go 2 vs Legion Go — How Do These Gaming Handhelds Compare Based on Rumored Specs?

9 Default Settings in Windows 11 You Didn’t Know Could Affect Performance and Privacy

DICE Responds to Battlefield 6 Community: Key Updates on Map Flow and Class Mechanics

CVE-2025-6490 – Nokogiri Heap-Based Buffer Overflow Vulnerability

Black Hat USA 2025: Does successful cybersecurity today increase cyber-risk tomorrow?

Black Hat USA 2025: Policy compliance and the myth of the silver bullet

CVE-2025-49302 – Scott Paterson Easy Stripe Code Injection Vulnerability

Microsoft begins removing PowerShell 2.0 as it cleans up Windows 11

ONLYOFFICE Docs 9.0 is here: discover the redesigned interface, diagram viewer, AI tools and more

CVE-2025-37979 – Qualcomm ASoC qcom Linux Kernel Buffer Overflow

Researchers at Physical Intelligence Introduce π-0.5: A New AI Framework for Real-Time Adaptive Intelligence in Physical Systems

CVE-2025-30743 – Oracle Lease and Finance Management HTTP Internal Operations Unauthorized Access and Data Manipulation

CVE-2025-48848 – Citrix NetScaler HTTP Request Smuggling

CVE-2025-5602 – Campcodes Hospital Management System SQL Injection Vulnerability

CVE-2025-6490 – Nokogiri Heap-Based Buffer Overflow Vulnerability

Related Posts