Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2015-5522
HistoryAug 11, 2015 - 2:59 p.m.

CVE-2015-5522

2015-08-1114:59:14
CWE-119
[email protected]
web.nvd.nist.gov
9

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

5.8

Confidence

High

EPSS

0.015

Percentile

87.2%

JSON

Heap-based buffer overflow in the ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving a command character in an href.

Affected configurations

Nvd
Node
htacgtidyRange4.9.30
Node
canonicalubuntu_linuxMatch12.04lts
OR
canonicalubuntu_linuxMatch14.04lts
OR
canonicalubuntu_linuxMatch15.04
Node
debiandebian_linuxMatch7.0
OR
debiandebian_linuxMatch8.0
Node
appleiphone_osRange8.2
OR
applemac_os_xRange10.6.8
OR
applewatchosRange1.0.1
VendorProductVersionCPE
htacgtidy*cpe:2.3:a:htacg:tidy:*:*:*:*:*:*:*:*
canonicalubuntu_linux12.04cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
canonicalubuntu_linux14.04cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
canonicalubuntu_linux15.04cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*
debiandebian_linux7.0cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
debiandebian_linux8.0cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
appleiphone_os*cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
applemac_os_x*cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
applewatchos*cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*

Related

ubuntucve 2
cvelist 1
prion 1
cve 1
securityvulns 8
nessus 7
osv 3
openvas 4
ubuntu 1
debian 2
freebsd 1
ubuntucve
ubuntucve
CVE-2015-5522
2015-07-16 00:00:00
CVE-2015-5523
2015-07-16 00:00:00
cvelist
cvelist
CVE-2015-5522
2015-08-11 14:00:00
prion
prion
Heap overflow
2015-08-11 14:59:00
cve
cve
CVE-2015-5522
2015-08-11 14:59:14
securityvulns
securityvulns
[SECURITY] [DSA 3309-1] tidy security update
2015-07-20 00:00:00
tidy security vulnerabilities
2015-07-20 00:00:00
APPLE-SA-2015-09-21-1 watchOS 2
2015-10-05 00:00:00
nessus
nessus
SUSE SLED11 Security Update : tidy (SUSE-SU-2015:1525-1)
2015-09-11 00:00:00
Ubuntu 14.04 LTS : HTML Tidy vulnerabilities (USN-2695-1)
2015-07-30 00:00:00
RHEL 6 : tidy (Unpatched Vulnerability)
2024-06-03 00:00:00
osv
osv
tidy - security update
2015-07-18 00:00:00
tidy - security update
2015-07-18 00:00:00
libtidy-devel-5.2.0-2.3 on GA media
2024-06-15 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-2695-1)
2015-07-30 00:00:00
Debian Security Advisory DSA 3309-1 (tidy - security update)
2015-07-18 00:00:00
Debian: Security Advisory (DLA-273-1)
2023-03-08 00:00:00
ubuntu
ubuntu
HTML Tidy vulnerabilities
2015-07-29 00:00:00
debian
debian
[SECURITY] [DLA 273-1] tidy security update
2015-07-18 10:09:52
[SECURITY] [DSA 3309-1] tidy security update
2015-07-18 17:11:56
freebsd
freebsd
tidy -- heap-buffer-overflow
2015-06-03 00:00:00

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

5.8

Confidence

High

EPSS

0.015

Percentile

87.2%

JSON
Related for NVD:CVE-2015-5522
ubuntucve2cvelist1prion1cve1securityvulns8nessus7osv3openvas4ubuntu1debian2freebsd1