6 matches found
Security Bulletin: IBM Operations Analytics - Log Analysis is affected by Denial of Service attack due to CyberNeko HTML Parser
Summary Security Bulletin: CyberNeko HTML is used by IBM Operations Analytics - Log Analysis as document ingestion in Logstash CVE-2022-29546, CVE-2022-24839, CVE-2022-28366 Vulnerability Details CVEID:CVE-2022-29546 DESCRIPTION: HtmlUnit NekoHtml Parser before 2.61.0 suffers from a denial of...
CVE-2022-29546
HtmlUnit NekoHtml Parser before 2.61.0 suffers from a denial of service vulnerability. Crafted input associated with the parsing of Processing Instruction PI data leads to heap memory consumption. This is similar to CVE-2022-28366 but affects a much later version of the product...
Atlassian Jira Service Management Data Center and Server 4.20.x < 4.20.28 / 5.4.x < 5.4.12 / 5.5.x < 5.11.3 / 5.12.0 (JSDSERVER-14873)
The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-14873 advisory. - HtmlUnit NekoHtml Parser before 2.61.0 suffers from a denial of service vulnerability. Crafted input...
CVE-2022-29546
HtmlUnit NekoHtml Parser before 2.61.0 suffers from a denial of service vulnerability. Crafted input associated with the parsing of Processing Instruction PI data leads to heap memory consumption. This is similar to CVE-2022-28366 but affects a much later version of the product...
CVE-2022-29546
CVE-2022-29546 : HtmlUnit NekoHtml Parser before 2.61.0 has a denial-of-service vulnerability via crafted Processing Instructions that triggers heap memory consumption. The issue is triggered during PI data parsing and is described as similar to CVE-2022-28366 but affecting a much newer version. ...
CVE-2022-29546
HtmlUnit NekoHtml Parser before 2.61.0 suffers from a denial of service vulnerability. Crafted input associated with the parsing of Processing Instruction PI data leads to heap memory consumption. This is similar to CVE-2022-28366 but affects a much later version of the product...