nokogiri gem is using libxml2 which is vulnerable to CVE-2016-1834. The vulnerability exists when xmlStrlen
returns a negative length in the xmlStrncat
function. Therefore, it may lead to other attacks such as denial of service or arbitrary code execution through a heap-based buffer overflow using a malicious XML input.