OESA-2022-1683 clamav security update

Clam AntiVirus clamav is an open source antivirus engine for detecting trojans, viruses, malware and other malicious threats. The main purpose of this software is the integration with mail servers attachment scanning. The package provides a flexible and scalable multi-threaded daemon, a command...

new packages: perl-HTML-Parser

An update is available for perl-HTML-Parser. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

CVE-2022-20785

On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in HTML file parser of Clam AntiVirus ClamAV versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an...

DEBIAN-CVE-2022-20785

On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in HTML file parser of Clam AntiVirus ClamAV versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an...

ALPINE-CVE-2022-20785

On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in HTML file parser of Clam AntiVirus ClamAV versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an...

CVE-2022-20785

On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in HTML file parser of Clam AntiVirus ClamAV versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an...

Design/Logic Flaw

On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in HTML file parser of Clam AntiVirus ClamAV versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an...

UBUNTU-CVE-2022-20785

On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in HTML file parser of Clam AntiVirus ClamAV versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an...

Mageia: Security Advisory (MGASA-2022-0158)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Chromium: CVE-2022-1498 Inappropriate implementation in HTML Parser

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Denial Of Service (DoS)

chrome is vulnerable to denial of service. The vulnerability exists due to an Inappropriate implementation in HTML Parser...

KLA12519 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, bypass security restrictions, gain privileges, spoof user interface. Below is a complete list of vulnerabilities: 1. Use after free...

chromium -- multiple vulnerabilities

Chrome Releases reports: This release contains 30 security fixes, including: 1313905 High CVE-2022-1477: Use after free in Vulkan. Reported by SeongHwan Park SeHwa on 2022-04-06 1299261 High CVE-2022-1478: Use after free in SwiftShader. Reported by SeongHwan Park SeHwa on 2022-02-20 1305190 High...

KLA12517 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, bypass security restrictions, spoof user interface. Below is a complete list of vulnerabilities: 1. Implementation vulnerability in Input can...

Design/Logic Flaw

org.cyberneko.html is an html parser written in Java. The fork of org.cyberneko.html used by Nokogiri Rubygem raises a java.lang.OutOfMemoryError exception when parsing ill-formed HTML markup. Users are advised to upgrade to = 1.9.22.noko2. Note: The upstream library org.cyberneko.html is no long...

CVE-2022-24839

org.cyberneko.html is an html parser written in Java. The fork of org.cyberneko.html used by Nokogiri Rubygem raises a java.lang.OutOfMemoryError exception when parsing ill-formed HTML markup. Users are advised to upgrade to = 1.9.22.noko2. Note: The upstream library org.cyberneko.html is no long...

CVE-2022-24839

CVE-2022-24839 affects the Nokogiri fork of org.cyberneko.html (Sparkle Motion Nokogiri). The fork raises a java.lang.OutOfMemoryError when parsing ill-formed HTML markup, causing potential denial of service. Upgrading to nokogiri fork version >= 1.9.22.noko2 is recommended. The upstream org.c...

CVE-2022-24839

org.cyberneko.html is an html parser written in Java. The fork of org.cyberneko.html used by Nokogiri Rubygem raises a java.lang.OutOfMemoryError exception when parsing ill-formed HTML markup. Users are advised to upgrade to = 1.9.22.noko2. Note: The upstream library org.cyberneko.html is no long...

Denial Of Service (DoS)

chrome is vulnerable to denial of service. The vulnerability exists due to an inappropriate implementation in HTML parser allowing an attacker to crash the system...

Chromium: CVE-2022-0801 Inappropriate implementation in HTML parser

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...