CVE-2025-6494 | sparklemotion nokogiri up to 1.18.7 hashmap.c hashmap_get_with_hash heap-based overflow (Issue 3508)

A vulnerability was found in sparklemotion nokogiri up to 1.18.7. It has been classified as problematic. This affects the function hashmap_get_with_hash of the file gumbo-parser/src/hashmap.c. The manipulation leads to heap-based buffer overflow.

This vulnerability is uniquely identified as CVE-2025-6494. An attack has to be approached locally. Furthermore, there is an exploit available.VulDB Recent EntriesRead More