CVE-2025-6494 – Nokogiri Heap-Based Buffer Overflow Vulnerability

June 22, 2025

CVE ID : CVE-2025-6494

Published : June 22, 2025, 11:15 p.m. | 1 hour, 39 minutes ago

Description : A vulnerability was found in sparklemotion nokogiri up to 1.18.7. It has been classified as problematic. This affects the function hashmap_get_with_hash of the file gumbo-parser/src/hashmap.c. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.

Severity: 3.3 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-6496 – Apache Tidy Null Pointer Dereference Vulnerability

Next Article CVE-2025-6493 – CodeMirror Markdown Mode Regular Expression Complexity Remote Vulnerability

This week in AI dev tools: Gemini 2.5 Pro and Flash GA, GitHub Copilot Spaces, and more (June 20, 2025)

Gemini 2.5 Pro and Flash are generally available and Gemini 2.5 Flash-Lite preview is announced

CSS Cascade Layers Vs. BEM Vs. Utility Classes: Specificity Control

IBM launches new integration to help unify AI security and governance

I used Lenovo’s latest dual-screen OLED laptop for a month and it wouldn’t be my first choice — here’s why

Here’s how I fixed a dead Steam Deck screen — with Valve proving they still have the best customer service in gaming

Borderlands 4 drops stunning new story trailer

DistroWatch Weekly, Issue 1127

Exploring Lakebase: Databricks’ Next-Gen AI-Native OLTP Database

Exploring Lakebase: Databricks’ Next-Gen AI-Native OLTP Database

Understanding JavaScript Promise

Lakeflow: Revolutionizing SCD2 Pipelines with Change Data Capture (CDC)

I used Lenovo’s latest dual-screen OLED laptop for a month and it wouldn’t be my first choice — here’s why

I used Lenovo’s latest dual-screen OLED laptop for a month and it wouldn’t be my first choice — here’s why

Here’s how I fixed a dead Steam Deck screen — with Valve proving they still have the best customer service in gaming

Borderlands 4 drops stunning new story trailer

CVE-2025-6494 – Nokogiri Heap-Based Buffer Overflow Vulnerability

CVE-2025-6478 – CodeAstro Expense Management System CSRF

CVE-2025-6479 – Simple Pizza Ordering System SQL Injection

At $799, the best OLED Windows laptop of 2025 with the longest battery life is also the cheapest

CVE-2025-20962 – Samsung S Pen Gesture Service Position Tracking Vulnerability

System Cleaner BleachBit Sees First ‘Major Update’ Since 2023

AI-driven deception: A new face of corporate fraud

AMD’s new Radeon graphics driver is ready for DOOM: The Dark Ages and delivers FSR 4 upscaling support to Frostpunk 2, more

What Is Brief Solution-Focused Therapy (BSFT), And How Can It Help?

Leak hints at Windows 11’s new feature that optimizes performance, tied to Copilot branding (?)

CVE-2025-4635 – Apache Web Portal Remote Code Execution Vulnerability

CVE-2025-6494 – Nokogiri Heap-Based Buffer Overflow Vulnerability

Related Posts