158 matches found
jsoup: Crafted input may cause the jsoup HTML and XML parser to get stuck
jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user supplied input, an attacker may supply content that causes the parser to get stuck loop indefinitely until...
jsoup: Crafted input may cause the jsoup HTML and XML parser to get stuck
jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user supplied input, an attacker may supply content that causes the parser to get stuck loop indefinitely until...
Moderate: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.10 security update on RHEL 7
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
jsoup: Crafted input may cause the jsoup HTML and XML parser to get stuck
jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user supplied input, an attacker may supply content that causes the parser to get stuck loop indefinitely until...
Critical: Red Hat Security Advisory: Red Hat Fuse 7.10.0 release and security update
A minor version update from 7.9 to 7.10 is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring...
Security Bulletin: Vulnerability in jsoup may affect Cúram Social Program Management (CVE-2021-37714)
Summary IBM Cúram Social Program Management uses the jsoup libraries, for which there is a publicly known vulnerability. For this vulnerability jsoup is susceptible to a denial of service attack, caused by improper input validation. Vulnerability Details CVEID: CVE-2021-37714 DESCRIPTION: jsoup i...
Moderate: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.2 security update on RHEL 8
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
jsoup: Crafted input may cause the jsoup HTML and XML parser to get stuck
jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user supplied input, an attacker may supply content that causes the parser to get stuck loop indefinitely until...
jsoup: Crafted input may cause the jsoup HTML and XML parser to get stuck
jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user supplied input, an attacker may supply content that causes the parser to get stuck loop indefinitely until...
Moderate: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.2 security update on RHEL 7
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
jsoup: Crafted input may cause the jsoup HTML and XML parser to get stuck
jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user supplied input, an attacker may supply content that causes the parser to get stuck loop indefinitely until...
Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in jsoup
Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of jsoup. Vulnerability Details CVEID: CVE-2021-37714 DESCRIPTION: jsoup is vulnerable to a denial of service, caused by improper input validation. By sending a specially-crafted input, a remote attacker could...
OESA-2021-1335 jsoup security update
jsoup is a Java library for working with real-world HTML. It provides a very convenient API for extracting and manipulating data, using the best of DOM, CSS, and jquery-like methods. Security Fixes: jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse...
ai.preferred:venom (>=4.0.1 <=4.2.7), ai.stainless:grails-tika (=0.1.0) +6868 more potentially affected by CVE-2021-37714 via org.jsoup:jsoup (>=0.2.2 <=1.14.1)
org.jsoup:jsoup MAVEN version =0.2.2, =4.0.1, =3.4.0, =3.4.0, =0.9.6, =0.9.6, =0.1.1, =0.5.0, =2021.9.1, =2021.9.1, =2023.1.1 and more Source cves: CVE-2021-37714 Source advisory: OSV:GHSA-M72M-MHQ2-9P6C...
Uncaught Exception in jsoup
Impact What kind of vulnerability is it? Who is impacted? Those using jsoup to parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user supplied input, an attacker may supply content that causes the parser to get stuck loop indefinitely until cancelled, to comple...
GHSA-M72M-MHQ2-9P6C Uncaught Exception in jsoup
Impact What kind of vulnerability is it? Who is impacted? Those using jsoup to parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user supplied input, an attacker may supply content that causes the parser to get stuck loop indefinitely until cancelled, to comple...
Denial Of Service
jsoup is vulnerable to denial of service. An attacker is able to exploit the vulnerability by injecting malicious content that will cause the reconstructFormattingElements parser to get stuck in an indefinite loop until it gets cancelled...
Vulnerability fixed in jsoup
A vulnerability has been fixed in jsoup. The vulnerability allows a remote malicious party to cause a denial-of-service. cause. The developers of jsoup have released updates to fix the vulnerability. More information can be found on the pages below:...
CVE-2021-37714
jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user supplied input, an attacker may supply content that causes the parser to get stuck loop indefinitely until...
DEBIAN-CVE-2021-37714
jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user supplied input, an attacker may supply content that causes the parser to get stuck loop indefinitely until...