16 matches found
openSUSE: Security Advisory for jtidy (SUSE-SU-2023:3164-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Denial of Service vulnerability affect IBM Business Automation Workflow - CVE-2023-34623
Summary IBM Business Automation Workflow repackages parts of IBM Content Navigator attack. CVE-2023-34623 has been addressed. Vulnerability Details CVEID:CVE-2023-34623 DESCRIPTION: jtidy is vulnerable to a denial of service, caused by an out-of-bounds write error. By using a specially crafted...
Medium: jtidy
Issue Overview: An issue was discovered jtidy thru r938 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies. CVE-2023-34623 Affected Packages: jtidy Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Vis...
Medium: jtidy
Issue Overview: An issue was discovered jtidy thru r938 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies. CVE-2023-34623 Affected Packages: jtidy Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Vis...
Amazon Linux 2 : jtidy (ALAS-2024-2461)
The version of jtidy installed on the remote host is prior to 1.0-0.16.20100930svn1125. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2461 advisory. An issue was discovered jtidy thru r938 allows attackers to cause a denial of service or other unspecified impacts v...
Medium: jtidy
Issue Overview: An issue was discovered jtidy thru r938 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies. CVE-2023-34623 Affected Packages: jtidy Issue Correction: Run dnf update jtidy --releasever 2023.3.20240108 or dnf...
Amazon Linux 2023 : jtidy, jtidy-javadoc (ALAS2023-2024-478)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-478 advisory. An issue was discovered jtidy thru r938 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies. CVE-2023-34623 Tenable has extracted...
Security Bulletin: Fix for BIRT Report Engine that is vulnerable due to nested jtidy.jar r938
Summary BIRT report engine bundled in IBM DevOps Model Architect v1.0 is vulnerable as it has a nested jtidy.jar r938. Vulnerability Details CVEID:CVE-2023-34623 DESCRIPTION: jtidy is vulnerable to a denial of service, caused by an out-of-bounds write error. By using a specially crafted object th...
SUSE-SU-2023:3165-1 Security update for jtidy
This update for jtidy fixes the following issues: - CVE-2023-34623: Fixed crash when parsing documents with excessive nesting bsc1212404...
SUSE-SU-2023:3016-1 Security update for jtidy
This update for jtidy fixes the following issues: - CVE-2023-34623: Prevent crash when parsing documents with excessive nesting bsc1212404...
SUSE CVE-2023-34623
An issue was discovered jtidy thru r938 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies...
CVE-2023-34623
An issue was discovered jtidy thru r938 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies...
CVE-2023-34623
An issue was discovered jtidy thru r938 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies...
CVE-2023-34623
An issue was discovered jtidy thru r938 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies...
CVE-2023-34623
An issue was discovered jtidy thru r938 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies...
CVE-2023-34623
The CVE-2023-34623 issue affects jtidy with a denial-of-service via a crafted object that uses cyclic dependencies (root cause: out-of-bounds/write/cyclic dependency handling). Documented impact is CVSS v3.1 base score 7.5 (HIGH), network vector, no privileges required, no user interaction; avail...