Lucene search
K

158 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2022-36033

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jsoup is a Java HTML parser, built for HTML editing, cleaning, scraping, and cross-site scripting XSS safety. jsoup may incorrectly sanitize HTML including...

6.1CVSS6.5AI score0.01208EPSS
Exploits1References4
CBLMariner
CBLMariner
added 2025/01/12 9:15 a.m.33 views

CVE-2021-37714 affecting package jsoup 1.11.3-3

CVE-2021-37714 affecting package jsoup 1.11.3-3. No patch is available currently...

7.5CVSS7.8AI score0.06873EPSS
Exploits0
CBLMariner
CBLMariner
added 2025/01/12 9:15 a.m.157 views

CVE-2022-36033 affecting package jsoup 1.11.3-3

CVE-2022-36033 affecting package jsoup 1.11.3-3. No patch is available currently...

6.1CVSS8AI score0.01208EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2024/10/14 6:7 p.m.3 views

jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled

A flaw was found in jsoup, a Java HTML parser built for HTML editing, cleaning, scraping, and Cross-site scripting XSS safety. An issue in jsoup may incorrectly sanitize HTML, including javascript: URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the...

6.1CVSS6.9AI score0.01208EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2024/10/14 6:1 p.m.3 views

jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled

A flaw was found in jsoup, a Java HTML parser built for HTML editing, cleaning, scraping, and Cross-site scripting XSS safety. An issue in jsoup may incorrectly sanitize HTML, including javascript: URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the...

6.1CVSS6.9AI score0.01208EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2024/10/14 6:1 p.m.2 views

jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled

A flaw was found in jsoup, a Java HTML parser built for HTML editing, cleaning, scraping, and Cross-site scripting XSS safety. An issue in jsoup may incorrectly sanitize HTML, including javascript: URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the...

6.1CVSS6.9AI score0.01208EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2024/10/14 6:1 p.m.5 views

jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled

A flaw was found in jsoup, a Java HTML parser built for HTML editing, cleaning, scraping, and Cross-site scripting XSS safety. An issue in jsoup may incorrectly sanitize HTML, including javascript: URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the...

6.1CVSS6.9AI score0.01208EPSS
Exploits1References4
Redos
Redos
added 2024/08/26 12:0 a.m.24 views

ROS-20240826-07

A vulnerability in the SafeList.preserveRelativeLinks parameter of the Java library for analyzing, retrieving, and manipulating data in HTML jsoup documents is related to failure to take measures to protect the structure of a web page. Exploitation of the vulnerability could allow an attacker to...

6.1CVSS6.1AI score0.01208EPSS
Exploits1
OSV
OSV
added 2024/06/15 12:0 a.m.18 views

OPENSUSE-SU-2024:10882-1 jsoup-1.14.2-1.2 on GA media

These are all security issues fixed in the jsoup-1.14.2-1.2 package on the GA media of openSUSE Tumbleweed...

7.5CVSS7.7AI score0.06873EPSS
Exploits0References1
OSV
OSV
added 2024/06/15 12:0 a.m.5 views

OPENSUSE-SU-2024:12413-1 jsoup-1.15.3-1.1 on GA media

These are all security issues fixed in the jsoup-1.15.3-1.1 package on the GA media of openSUSE Tumbleweed...

6.1CVSS6.4AI score0.01208EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.25 views

RHEL 9 : jsoup (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled...

6.1CVSS6.4AI score0.01208EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.24 views

RHEL 8 : jsoup (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - jsoup: Crafted input may cause the jsoup HTML and XML parser to get stuck CVE-2021-37714 - jsoup: The jso...

7.5CVSS7.5AI score0.06873EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.37 views

RHEL 7 : jsoup (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - jsoup: Crafted input may cause the jsoup HTML and XML parser to get stuck CVE-2021-37714 - jsoup: The jso...

7.5AI score0.06873EPSS
Exploits1References2
OSV
OSV
added 2024/03/08 11:7 a.m.2 views

OESA-2024-1255 jsoup security update

jsoup is a Java library for working with real-world HTML. It provides a very convenient API for extracting and manipulating data, using the best of DOM, CSS, and jquery-like methods. Security Fixes: jsoup is a Java HTML parser, built for HTML editing, cleaning, scraping, and cross-site scripting...

6.1CVSS7.2AI score0.01208EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2024/03/08 12:0 a.m.13 views

Fedora: Security Advisory for jsoup (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS9.2AI score0.02557EPSS
Exploits3References2
Fedora
Fedora
added 2024/03/07 10:33 p.m.26 views

[SECURITY] Fedora 40 Update: jsoup-1.17.2-2.fc40

jsoup is a Java library for working with real-world HTML. It provides a very convenient API for fetching URLs and extracting and manipulating data, using the best of HTML5 DOM methods and CSS selectors. jsoup implements the WHATWG HTML5 specification, and parses HTML to the same DOM as modern...

8.8CVSS8.9AI score0.02557EPSS
Exploits3
BDU FSTEC
BDU FSTEC
added 2024/03/05 12:0 a.m.5 views

The vulnerability of the Java library for analyzing, extracting, and managing data in HTML documents, jsoup, arises from the lack of protection for website structure. This allows attackers to execute cross-site scripting (XSS) attacks.

The vulnerability of the Java library for analyzing, extracting, and managing data in HTML documents, known as jsoup, is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attacks...

6.4CVSS6.5AI score0.02207EPSS
Exploits0References4Affected Software7
Amazon
Amazon
added 2024/02/19 12:0 a.m.3 views

Medium: jsoup

Issue Overview: jsoup is a Java HTML parser, built for HTML editing, cleaning, scraping, and cross-site scripting XSS safety. jsoup may incorrectly sanitize HTML including javascript: URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the non-default...

6.1CVSS7.4AI score0.01208EPSS
Exploits1
Amazon
Amazon
added 2024/02/19 12:0 a.m.36 views

Medium: jsoup

Issue Overview: jsoup is a Java HTML parser, built for HTML editing, cleaning, scraping, and cross-site scripting XSS safety. jsoup may incorrectly sanitize HTML including javascript: URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the non-default...

6.1CVSS6.8AI score0.01208EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2024/02/19 12:0 a.m.45 views

Amazon Linux 2 : jsoup (ALAS-2024-2466)

The version of jsoup installed on the remote host is prior to 1.6.1-10. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2466 advisory. jsoup is a Java HTML parser, built for HTML editing, cleaning, scraping, and cross-site scripting XSS safety. jsoup may incorrectly...

6.1CVSS6.5AI score0.01208EPSS
Exploits1References4
Rows per page
Query Builder