Skip to content

Nokogiri updates packaged libxslt to v1.1.43 to resolve multiple CVEs

High
flavorjones published GHSA-mrxw-mxhj-p664 Mar 14, 2025

Package

bundler nokogiri (RubyGems)

Affected versions

< 1.18.4

Patched versions

1.18.4

Description

Summary

Nokogiri v1.18.4 upgrades its dependency libxslt to v1.1.43.

libxslt v1.1.43 resolves:

Impact

CVE-2025-24855

CVE-2024-55549

Severity

High

CVE ID

No known CVE

Weaknesses

No CWEs