31 matches found
Astra Linux - vulnerability in jsoup
jsoup is a Java HTML parser designed for HTML editing, cleaning, scraping, and cross-site scripting (XSS) protection. However, jsoup may incorrectly sanitize HTML containing javascript: URLs, which could allow XSS attacks when a user clicks on those links. If the non-default...
Astra Linux - vulnerability in jsoup
jsoup is a Java library for working with HTML. Users of jsoup versions prior to 1.14.2 who parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user-supplied input, an attacker may provide content that causes the parser to become stuck (loop indefinitely until...
EUVD-2021-1791
Malware in sbrugna...
jsoup: Crafted input may cause the jsoup HTML and XML parser to get stuck
jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user supplied input, an attacker may supply content that causes the parser to get stuck (loop indefinitely until...
Medium: jsoup
Issue Overview: jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user supplied input, an attacker may supply content that causes the parser to get stuck (loop...
Medium: jsoup
Issue Overview: jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user supplied input, an attacker may supply content that causes the parser to get stuck (loop...
Amazon Linux 2 : jsoup (ALAS-2025-2813)
The version of jsoup installed on the remote host is prior to 1.16.1-4. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2813 advisory. jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse untrusted HTML or XML may be...
Medium: jsoup
Issue Overview: jsoup is a Java HTML parser, built for HTML editing, cleaning, scraping, and cross-site scripting (XSS) safety. jsoup may incorrectly sanitize HTML including javascript: URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the non-default...
The vulnerability of the Java library for analyzing, extracting, and managing data in HTML documents, jsoup, is related to deficiencies in handling exceptional states, allowing attackers to trigger a service failure.
The vulnerability of the Java library for analyzing, extracting, and managing data in HTML documents, known as jsoup, is related to deficiencies in handling exceptional states. Exploiting this vulnerability can allow an attacker to cause service interruptions...
Security Bulletin: There is a security vulnerability in jsoup used by IBM Maximo Asset Management (CVE-2022-36033)
Summary: There is a security vulnerability in jsoup used by IBM Maximo Asset Management. Vulnerability Details: CVEID: CVE-2022-36033. DESCRIPTION: jsoup is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability usi...
Security Bulletin: There is a vulnerability in jsoup used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2022-36033)
Summary: There is a vulnerability in jsoup used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details: CVEID: CVE-2022-36033. DESCRIPTION: jsoup is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could explo...
Security Bulletin: IBM Workload Scheduler potentially affected by jsoup XSS attacks (CVE-2022-36033)
Summary: IBM Workload Scheduler is vulnerable to XSS attacks caused by jsoup, which may incorrectly sanitize HTML including javascript: URL expressions. Vulnerability Details: CVEID: CVE-2022-36033. DESCRIPTION: jsoup is vulnerable to cross-site scripting, caused by improper validation of user-suppli...
Security Bulletin: IBM Security Verify Governance is vulnerable to denial of service and cross-site scripting due to use of jsoup (CVE-2021-37714, CVE-2015-6748)
Summary: IBM Security Verify Governance uses jsoup which is vulnerable to denial of service and cross-site scripting by a remote attacker, caused by improper input validation (CVE-2021-37714, CVE-2015-6748). The fix includes upgrading the jsoup jar to the patched version. Vulnerability Details...
Security Bulletin: IBM Security Guardium is affected by a jsoup vulnerability (CVE-2021-37714)
Summary: IBM Security Guardium has fixed this vulnerability. Vulnerability Details: CVEID: CVE-2021-37714. DESCRIPTION: jsoup is vulnerable to a denial of service, caused by improper input validation. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause th...
jsoup: Crafted input may cause the jsoup HTML and XML parser to get stuck
jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user supplied input, an attacker may supply content that causes the parser to get stuck (loop indefinitely until...
UBUNTU-CVE-2022-36033
jsoup is a Java HTML parser, built for HTML editing, cleaning, scraping, and cross-site scripting (XSS) safety. jsoup may incorrectly sanitize HTML including javascript: URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the non-default...
The vulnerability of the SafeList.preserveRelativeLinks parameter in the Java library for analyzing, extracting, and managing data in HTML documents (jsoup) allows attackers to execute cross-site scripting (XSS) attacks.
The vulnerability of the SafeList.preserveRelativeLinks parameter in the Java library for analyzing, extracting, and managing data in HTML documents using jsoup is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability can allow attackers to...
jsoup: Crafted input may cause the jsoup HTML and XML parser to get stuck
jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user supplied input, an attacker may supply content that causes the parser to get stuck (loop indefinitely until...
at.bestsolution:at.bestsolution.maven.publisher (>=1.0.0 <=1.1.1), at.newmedialab.ldpath:ldpath-functions-html (=0.9.13) +2717 more potentially affected by CVE-2015-6748 via org.jsoup:jsoup (>=1.6.0 <=1.8.2)
org.jsoup:jsoup MAVEN version =1.6.0, =1.0.0, =0.3.1, =0.1.0, =1.0, =1.0, =1.16.0, =2.2.0 and more Source cves: CVE-2015-6748 Source advisory: OSV:GHSA-48RH-QGJR-XFJ6...
jsoup: Crafted input may cause the jsoup HTML and XML parser to get stuck
jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user supplied input, an attacker may supply content that causes the parser to get stuck (loop indefinitely until...