Lucene search
K

158 matches found

RedHat Linux
RedHat Linux
added 2021/12/15 2:42 p.m.5 views

jsoup: Crafted input may cause the jsoup HTML and XML parser to get stuck

jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user supplied input, an attacker may supply content that causes the parser to get stuck loop indefinitely until...

7.5CVSS6.7AI score0.06873EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/12/15 2:38 p.m.2 views

jsoup: Crafted input may cause the jsoup HTML and XML parser to get stuck

jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user supplied input, an attacker may supply content that causes the parser to get stuck loop indefinitely until...

7.5CVSS6.7AI score0.06873EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/12/15 2:38 p.m.49 views

Moderate: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.10 security update on RHEL 7

A security update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

7.8CVSS6.7AI score0.10448EPSS
Exploits0References18
RedHat Linux
RedHat Linux
added 2021/12/14 9:31 p.m.2 views

jsoup: Crafted input may cause the jsoup HTML and XML parser to get stuck

jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user supplied input, an attacker may supply content that causes the parser to get stuck loop indefinitely until...

7.5CVSS6.7AI score0.06873EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/12/14 9:31 p.m.101 views

Critical: Red Hat Security Advisory: Red Hat Fuse 7.10.0 release and security update

A minor version update from 7.9 to 7.10 is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring...

10CVSS7.1AI score0.99999EPSS
Exploits388References58
IBM Security Bulletins
IBM Security Bulletins
added 2021/11/25 4:13 p.m.48 views

Security Bulletin: Vulnerability in jsoup may affect Cúram Social Program Management (CVE-2021-37714)

Summary IBM Cúram Social Program Management uses the jsoup libraries, for which there is a publicly known vulnerability. For this vulnerability jsoup is susceptible to a denial of service attack, caused by improper input validation. Vulnerability Details CVEID: CVE-2021-37714 DESCRIPTION: jsoup i...

7.5CVSS7.3AI score0.06873EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2021/11/15 5:18 p.m.77 views

Moderate: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.2 security update on RHEL 8

A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

7.8CVSS6.7AI score0.06873EPSS
Exploits0References28
RedHat Linux
RedHat Linux
added 2021/11/15 5:18 p.m.5 views

jsoup: Crafted input may cause the jsoup HTML and XML parser to get stuck

jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user supplied input, an attacker may supply content that causes the parser to get stuck loop indefinitely until...

7.5CVSS6.7AI score0.06873EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/11/15 5:14 p.m.4 views

jsoup: Crafted input may cause the jsoup HTML and XML parser to get stuck

jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user supplied input, an attacker may supply content that causes the parser to get stuck loop indefinitely until...

7.5CVSS6.7AI score0.06873EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/11/15 5:14 p.m.59 views

Moderate: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.2 security update on RHEL 7

A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

7.8CVSS6.7AI score0.06873EPSS
Exploits0References28
RedHat Linux
RedHat Linux
added 2021/11/15 5:5 p.m.2 views

jsoup: Crafted input may cause the jsoup HTML and XML parser to get stuck

jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user supplied input, an attacker may supply content that causes the parser to get stuck loop indefinitely until...

7.5CVSS6.7AI score0.06873EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2021/10/01 6:23 a.m.38 views

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in jsoup

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of jsoup. Vulnerability Details CVEID: CVE-2021-37714 DESCRIPTION: jsoup is vulnerable to a denial of service, caused by improper input validation. By sending a specially-crafted input, a remote attacker could...

7.5CVSS1AI score0.06873EPSS
Exploits0Affected Software1
OSV
OSV
added 2021/09/06 11:3 a.m.4 views

OESA-2021-1335 jsoup security update

jsoup is a Java library for working with real-world HTML. It provides a very convenient API for extracting and manipulating data, using the best of DOM, CSS, and jquery-like methods. Security Fixes: jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse...

7.5CVSS7.5AI score0.06873EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2021/08/23 7:42 p.m.5 views

ai.preferred:venom (>=4.0.1 <=4.2.7), ai.stainless:grails-tika (=0.1.0) +6868 more potentially affected by CVE-2021-37714 via org.jsoup:jsoup (>=0.2.2 <=1.14.1)

org.jsoup:jsoup MAVEN version =0.2.2, =4.0.1, =3.4.0, =3.4.0, =0.9.6, =0.9.6, =0.1.1, =0.5.0, =2021.9.1, =2021.9.1, =2023.1.1 and more Source cves: CVE-2021-37714 Source advisory: OSV:GHSA-M72M-MHQ2-9P6C...

7.5CVSS6.6AI score0.06873EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2021/08/23 7:42 p.m.123 views

Uncaught Exception in jsoup

Impact What kind of vulnerability is it? Who is impacted? Those using jsoup to parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user supplied input, an attacker may supply content that causes the parser to get stuck loop indefinitely until cancelled, to comple...

7.5CVSS7.3AI score0.06873EPSS
Exploits0References16Affected Software1
OSV
OSV
added 2021/08/23 7:42 p.m.3 views

GHSA-M72M-MHQ2-9P6C Uncaught Exception in jsoup

Impact What kind of vulnerability is it? Who is impacted? Those using jsoup to parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user supplied input, an attacker may supply content that causes the parser to get stuck loop indefinitely until cancelled, to comple...

7.5CVSS6.8AI score0.06873EPSS
Exploits0References16
Veracode
Veracode
added 2021/08/19 2:33 a.m.29 views

Denial Of Service

jsoup is vulnerable to denial of service. An attacker is able to exploit the vulnerability by injecting malicious content that will cause the reconstructFormattingElements parser to get stuck in an indefinite loop until it gets cancelled...

7.5CVSS4AI score0.06873EPSS
Exploits0References21Affected Software23
NCSC
NCSC
added 2021/08/19 12:0 a.m.2 views

Vulnerability fixed in jsoup

A vulnerability has been fixed in jsoup. The vulnerability allows a remote malicious party to cause a denial-of-service. cause. The developers of jsoup have released updates to fix the vulnerability. More information can be found on the pages below:...

7.5CVSS6.7AI score0.06873EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2021/08/18 5:35 p.m.55 views

CVE-2021-37714

jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user supplied input, an attacker may supply content that causes the parser to get stuck loop indefinitely until...

7.5CVSS1.1AI score0.06873EPSS
Exploits0References4
OSV
OSV
added 2021/08/18 3:15 p.m.1 views

DEBIAN-CVE-2021-37714

jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user supplied input, an attacker may supply content that causes the parser to get stuck loop indefinitely until...

7.5CVSS6.4AI score0.06873EPSS
Exploits0References1
Rows per page
Query Builder