neko-htmlunit vulnerability?

[wmwilliam]

I noticed that neko-htmlunit was declared as a vulnerable transitive dependency as part of the antisamy project (CVE-2024-23635), is Nokogiri vulnerable to this as well?

[flavorjones]

@wmwilliam If you have reason to believe there's some sort of behavior in the version of neko-htmlunit used by Nokogiri that would impact security, please report it via the appropriate channel.