
29 matches found

CVE
added 2022/04/25 2:54 a.m. · 443 views

CVE-2022-29546

CVE-2022-29546: HtmlUnit NekoHtml Parser before 2.61.0 has a denial-of-service vulnerability via crafted Processing Instructions that trigger heap memory consumption. The issue is triggered during PI data parsing and is described as similar to CVE-2022-28366 but affecting a much newer version. ...

CVSS 7.5 · AI score 7.2 · EPSS 0.01149
Exploits: 0 · References: 1 · Affected Software: 1
Positive Technologies
added 2022/04/25 12:0 a.m. · 2 views

PT-2022-7028 · Atlassian +2 · Jira +5

Name of the Vulnerable Software and Affected Versions: HtmlUnit NekoHtml Parser versions prior to 2.61.0; Oracle WebLogic Server (affected versions not specified); Oracle Fusion Middleware (affected versions not specified); Jira Service Management (affected versions not specified); Jira Work Management...

CVSS 7.8 · AI score 7.4 · EPSS 0.01149
Exploits: 0 · References: 12
CNNVD
added 2022/04/24 12:0 a.m. · 3 views

HtmlUnit security vulnerability

HtmlUnit is an open source Java page analysis tool that reads a page and can be used to analyze the content on the page. A security vulnerability existed in HtmlUnit NekoHtml Parser before 2.61.0 in which a crafted input related to Processing Instruction (PI) data parsing...

CVSS 7.5 · AI score 7.5 · EPSS 0.01149
Exploits: 0 · References: 5
Veracode
added 2022/04/13 2:50 a.m. · 28 views

Denial Of Service (DoS)

nekohtml is vulnerable to denial of service. The vulnerability exists due to a memory corruption allowing an attacker to crash the system via a maliciously crafted HTML markup...

CVSS 7.5 · AI score 2.2 · EPSS 0.02114
Exploits: 0 · References: 3 · Affected Software: 1
OSV
added 2022/04/11 10:15 p.m. · 0 views

UBUNTU-CVE-2022-24839

org.cyberneko.html is an HTML parser written in Java. The fork of org.cyberneko.html used by Nokogiri Rubygem raises a java.lang.OutOfMemoryError exception when parsing ill-formed HTML markup. Users are advised to upgrade to >= 1.9.22.noko2. Note: The upstream library org.cyberneko.html is no long...

CVSS 7.5 · AI score 6.8 · EPSS 0.02114
Exploits: 0 · References: 4
Github Security Blog
added 2022/04/11 9:38 p.m. · 24 views

Denial of Service (DoS) in Nokogiri on JRuby

Summary: Nokogiri v1.13.4 updates the vendored org.cyberneko.html library to 1.9.22.noko2 which addresses CVE-2022-24839. That CVE is rated 7.5 High Severity. See GHSA-9849-p7jc-9rmv for more information. Please note that this advisory only applies to the JRuby implementation of Nokogiri = 1.13.4...

CVSS 7.5 · AI score 0.3 · EPSS 0.02114
Exploits: 0 · References: 7 · Affected Software: 1
Cvelist
added 2022/04/11 9:25 p.m. · 27 views

CVE-2022-24839 Uncontrolled Resource Consumption in org.cyberneko.html (nokogiri fork)

org.cyberneko.html is an HTML parser written in Java. The fork of org.cyberneko.html used by Nokogiri Rubygem raises a java.lang.OutOfMemoryError exception when parsing ill-formed HTML markup. Users are advised to upgrade to >= 1.9.22.noko2. Note: The upstream library org.cyberneko.html is no long...

CVSS 7.5 · AI score 7.6 · EPSS 0.02114
Exploits: 0 · References: 3
Positive Technologies
added 2022/04/11 12:0 a.m. · 8 views

PT-2022-7276

Name of the Vulnerable Software and Affected Versions: Nokogiri versions prior to 1.9.22.noko2. Description: The issue is related to uncontrolled resource consumption when parsing ill-formed HTML markup, which can lead to a java.lang.OutOfMemoryError exception. This can be exploited by a remote...

CVSS 10 · AI score 7 · EPSS 0.51733
Exploits: 17 · References: 77
CNNVD
added 2022/04/11 12:0 a.m. · 2 views

nekohtml resource management error vulnerability

nekohtml is a simple HTML scanner and tag compensator. A resource management error vulnerability exists in nekohtml, which stems from the fact that "org.cyberneko.html" used by Nokogiri Rubygem throws a "java.lang.OutOfMemoryError" exception when parsing malformed HTML markup...

CVSS 7.5 · AI score 7.2 · EPSS 0.02114
Exploits: 0 · References: 13