Lucene search

122 matches found

vulnersOsv
added 2022/04/23 12:3 a.m. · 0 views

at.willhaben.willtest:browserstack (>=1.0.0 <=1.1.8), at.willhaben.willtest:core (>=1.0.0 <=1.1.8) +417 more potentially affected by CVE-2022-28366 via net.sourceforge.htmlunit:neko-htmlunit (>=2.21 <=2.25)

net.sourceforge.htmlunit:neko-htmlunit MAVEN version =2.21, =1.0.0, =1.0.0, =1.0.0, =1, =0.0.10, =0.14, =1.0, =3.6.1, =2.60, =0.0.1, =16.07.16, =16.10.21 and more Source cves: CVE-2022-28366 Source advisory: OSV:GHSA-G9HH-VVX3-V37V...

7.5 CVSS · 7.1 AI score · 0.00184 EPSS
Exploits 0
OSV
added 2022/04/23 12:3 a.m. · 24 views

GHSA-G9HH-VVX3-V37V Denial of service in HtmlUnit-Neko

Certain Neko-related HTML parsers allow a denial of service via crafted Processing Instruction (PI) input that causes excessive heap memory consumption. In particular, this issue exists in HtmlUnit-Neko through 2.26, and is fixed in 2.27. This issue also exists in CyberNeko HTML through 1.9.22 also...

7.5 CVSS · 6.5 AI score · 0.00184 EPSS
Exploits 0 · References 5
GitHub Security Blog
added 2022/04/23 12:3 a.m. · 100 views

Denial of service in HtmlUnit-Neko

Certain Neko-related HTML parsers allow a denial of service via crafted Processing Instruction (PI) input that causes excessive heap memory consumption. In particular, this issue exists in HtmlUnit-Neko through 2.26, and is fixed in 2.27. This issue also exists in CyberNeko HTML through 1.9.22 also...

7.5 CVSS · 6.3 AI score · 0.00184 EPSS
Exploits 0 · References 5 · Affected Software 1
Veracode
added 2022/04/22 8:18 a.m. · 31 views

Denial Of Service (DoS)

htmlunit is vulnerable to denial of service. An attacker can cause excessive heap memory consumption by providing malicious processing instructions to the compileString function of HtmlUnitContextFactory.java, leading to an application crash...

7.5 CVSS · 2.3 AI score · 0.00184 EPSS
Exploits 0 · References 4 · Affected Software 2
OSV
added 2022/04/21 11:15 p.m. · 2 views

DEBIAN-CVE-2022-28366

Certain Neko-related HTML parsers allow a denial of service via crafted Processing Instruction (PI) input that causes excessive heap memory consumption. In particular, this issue exists in HtmlUnit-Neko through 2.26, and is fixed in 2.27. This issue also exists in CyberNeko HTML through 1.9.22 also...

7.5 CVSS · 7.4 AI score · 0.00184 EPSS
Exploits 0 · References 1
OSV
added 2022/04/21 11:15 p.m. · 24 views

CVE-2022-28366

Certain Neko-related HTML parsers allow a denial of service via crafted Processing Instruction (PI) input that causes excessive heap memory consumption. In particular, this issue exists in HtmlUnit-Neko through 2.26, and is fixed in 2.27. This issue also exists in CyberNeko HTML through 1.9.22 also...

7.5 CVSS · 7.2 AI score
Exploits 0 · References 3
OSV
added 2022/04/21 11:15 p.m. · 2 views

UBUNTU-CVE-2022-28366

Certain Neko-related HTML parsers allow a denial of service via crafted Processing Instruction (PI) input that causes excessive heap memory consumption. In particular, this issue exists in HtmlUnit-Neko through 2.26, and is fixed in 2.27. This issue also exists in CyberNeko HTML through 1.9.22 also...

7.5 CVSS · 7.1 AI score · 0.00184 EPSS
Exploits 0 · References 6
Prion
added 2022/04/21 11:15 p.m. · 22 views

Input validation

Certain Neko-related HTML parsers allow a denial of service via crafted Processing Instruction (PI) input that causes excessive heap memory consumption. In particular, this issue exists in HtmlUnit-Neko through 2.26, and is fixed in 2.27. This issue also exists in CyberNeko HTML through 1.9.22 also...

5 CVSS · 7.1 AI score · 0.00454 EPSS
Exploits 0 · References 3 · Affected Software 3
UbuntuCve
added 2022/04/21 11:15 p.m. · 37 views

CVE-2022-28366

Certain Neko-related HTML parsers allow a denial of service via crafted Processing Instruction (PI) input that causes excessive heap memory consumption. In particular, this issue exists in HtmlUnit-Neko through 2.26, and is fixed in 2.27. This issue also exists in CyberNeko HTML through 1.9.22 also...

7.5 CVSS · 7 AI score · 0.00184 EPSS
Exploits 0 · References 5
ATTACKERKB
added 2022/04/21 11:15 p.m. · 1 view

CVE-2022-28366

Certain Neko-related HTML parsers allow a denial of service via crafted Processing Instruction (PI) input that causes excessive heap memory consumption. In particular, this issue exists in HtmlUnit-Neko through 2.26, and is fixed in 2.27. This issue also exists in CyberNeko HTML through 1.9.22 also...

7.5 CVSS · 7.1 AI score · 0.00454 EPSS
Exploits 0 · References 4
Cvelist
added 2022/04/21 10:41 p.m. · 28 views

CVE-2022-28366

Certain Neko-related HTML parsers allow a denial of service via crafted Processing Instruction (PI) input that causes excessive heap memory consumption. In particular, this issue exists in HtmlUnit-Neko through 2.26, and is fixed in 2.27. This issue also exists in CyberNeko HTML through 1.9.22 also...

7.5 AI score · 0.00184 EPSS
Exploits 0 · References 3
Debian CVE
added 2022/04/21 10:41 p.m. · 47 views

CVE-2022-28366

Certain Neko-related HTML parsers allow a denial of service via crafted Processing Instruction (PI) input that causes excessive heap memory consumption. In particular, this issue exists in HtmlUnit-Neko through 2.26, and is fixed in 2.27. This issue also exists in CyberNeko HTML through 1.9.22 also...

7.5 CVSS · 6.5 AI score · 0.00184 EPSS
Exploits 0
CNNVD
added 2022/04/21 12:0 a.m. · 2 views

HtmlUnit security vulnerability

HtmlUnit is an open-source Java page analysis tool that reads a page and can be used to analyze its content. A security vulnerability exists in HtmlUnit Neko 2.26 that allows denial of service via crafted Processing Instruction (PI) input, which can lead to...

7.5 CVSS · 7.4 AI score · 0.00184 EPSS
Exploits 0 · References 6
Positive Technologies
added 2022/04/21 12:0 a.m. · 2 views

PT-2022-18975 · Owasp +2 · Owasp Antisamy +4

Name of the Vulnerable Software and Affected Versions: HtmlUnit-Neko versions 2.26 and earlier; CyberNeko HTML versions 1.9.22 and earlier; OWASP AntiSamy versions 1.6.6 and earlier. Description: Certain Neko-related HTML parsers allow a denial of service via crafted Processing Instruction (PI) input...

7.5 CVSS · 7.3 AI score · 0.00184 EPSS
Exploits 0 · References 22
OpenVAS
added 2022/01/28 12:0 a.m. · 15 views

Mageia: Security Advisory (MGASA-2021-0148)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1 CVSS · 8.1 AI score · 0.0164 EPSS
Exploits 0 · References 4
RedhatCVE
added 2021/09/23 5:59 p.m. · 36 views

CVE-2020-5529

HtmlUnit prior to 2.37.0 contains code execution vulnerabilities. HtmlUnit initializes Rhino engine improperly, hence a malicious JavaScript code can execute arbitrary Java code on the application. Moreover, when embedded in Android application, Android-specific initialization of Rhino engine is...

8.1 CVSS · 2.1 AI score · 0.0164 EPSS
Exploits 0 · References 3
Mageia
added 2021/03/21 10:43 a.m. · 27 views

Updated htmlunit packages fix security vulnerability

It was discovered that HtmlUnit incorrectly initialized Rhino engine. An attacker could possibly use this issue to execute arbitrary Java code (CVE-2020-5529)...

8.1 CVSS · 2.9 AI score · 0.0164 EPSS
Exploits 0 · References 2
OSV
added 2021/03/21 10:43 a.m. · 3 views

MGASA-2021-0148 Updated htmlunit packages fix security vulnerability

It was discovered that HtmlUnit incorrectly initialized Rhino engine. An attacker could possibly use this issue to execute arbitrary Java code (CVE-2020-5529)...

8.1 CVSS · 8.4 AI score · 0.0164 EPSS
Exploits 0 · References 3
Tenable Nessus
added 2020/10/16 12:0 a.m. · 31 views

Ubuntu 16.04 LTS : HtmlUnit vulnerability (USN-4584-1)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-4584-1 advisory. It was discovered that HtmlUnit incorrectly initialized Rhino engine. An attacker could possibly use this issue to execute arbitrary Java code. Tenable has...

8.1 CVSS · 7.3 AI score · 0.0164 EPSS
Exploits 0 · References 2
OpenVAS
added 2020/10/16 12:0 a.m. · 13 views

Ubuntu: Security Advisory (USN-4584-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1 CVSS · 8.2 AI score · 0.0164 EPSS
Exploits 0 · References 2