2 matches found
jsoup: Crafted input may cause the jsoup HTML and XML parser to get stuck
jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user supplied input, an attacker may supply content that causes the parser to get stuck loop indefinitely until...
PT-2021-7857 · Google +5 · Protobuf-Java +5
Name of the Vulnerable Software and Affected Versions: protobuf-java affected versions not specified Description: The issue is related to the incorrect order of actions in the Protobuf data serialization protocol analysis component. This allows a remote attacker to cause a denial of service. A...