Lucene search
GoogleOSV:GHSA-G9HH-VVX3-V37VHistoryApr 23, 2022 - 12:03 a.m.
Denial of service in HtmlUnit-Neko
2022-04-2300:03:04
Google
osv.dev
5
0.001 Low
EPSS
Percentile
44.0%
Certain Neko-related HTML parsers allow a denial of service via crafted Processing Instruction (PI) input that causes excessive heap memory consumption. In particular, this issue exists in HtmlUnit-Neko through 2.26, and is fixed in 2.27. This issue also exists in CyberNeko HTML through 1.9.22 (also affecting OWASP AntiSamy before 1.6.6), but 1.9.22 is the last version of CyberNeko HTML. NOTE: this may be related to CVE-2022-24939.
Related
github
github
Denial of service in HtmlUnit-Neko
2022-04-23 00:03:04
cve
cve
cvelist
cvelist
CVE-2022-24939 Malformed Zigbee packet with invalid destination address causes Assert
2022-11-17 23:35:55
CVE-2022-28366
2022-04-21 22:41:53
CVE-2022-29546
2022-04-25 02:54:59
nvd
nvd
prion
prion
Stack overflow
2022-11-18 00:15:00
Design/Logic Flaw
2022-04-25 03:15:00
Input validation
2022-04-21 23:15:00
veracode
veracode
Denial Of Service (DoS)
2022-04-22 08:18:14
atlassian
atlassian
nessus
nessus
Atlassian Jira Service Management Data Center and Server 4.20 < 4.20.28 / 5.4.x < 5.4.12 / 5.5.x < 5.11.3 / 5.12.0 (JSDSERVER-14921)
2024-01-12 00:00:00
osv
osv
CVE-2022-29546
2022-04-25 03:15:07
CVE-2022-28366
2022-04-21 23:15:10
debiancve
debiancve
CVE-2022-28366
2022-04-21 23:15:10
ubuntucve
ubuntucve
CVE-2022-28366
2022-04-21 00:00:00
ibm
ibm