EPSS
Percentile
89.3%
Nokogiri and Chef are vulnerable to attacks through a copied version of LibXML2 within the codebase. LibXML2 before 2.9.5 is vulnerable to CVE-2017-15412 - LibXML2 contains a use-after-free bug in the xmlXPathCompOpEvalPositionPredicate
method in xpath.c
.