29 matches found
Unity Linux 20.1070e Security Update: nekohtml (UTSA-2026-016755)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016755 advisory. org.cyberneko.html is an html parser written in Java. The fork of org.cyberneko.html used by Nokogiri Rubygem raises a java.lang.OutOfMemoryError exception when...
EUVD-2022-1649
Malicious code in bioql PyPI...
CVE-2022-29546
HtmlUnit NekoHtml Parser before 2.61.0 suffers from a denial of service vulnerability. Crafted input associated with the parsing of Processing Instruction PI data leads to heap memory consumption. This is similar to CVE-2022-28366 but affects a much later version of the product...
OPENSUSE-SU-2024:12022-1 nekohtml-1.9.22.noko2-1.1 on GA media
These are all security issues fixed in the nekohtml-1.9.22.noko2-1.1 package on the GA media of openSUSE Tumbleweed...
The vulnerability of the html-code analyzer NekoHTML in the Nokogiri software library allows a perpetrator to trigger a service failure.
The vulnerability of the html-code analyzer NekoHTML in the Nokogiri software library is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service failures...
Fedora: Security Advisory for nekohtml (FEDORA-2024-129d8ca6fc)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 40 Update: nekohtml-1.9.22-26.fc40
NekoHTML is a simple HTML scanner and tag balancer that enables application programmers to parse HTML documents and access the information using standard XML interfaces. The parser can scan HTML files and "fix up" many common mistakes that human and computer authors make in writing HTML documents...
DoS (Denial of Service) net.sourceforge.nekohtml:nekohtml Dependency in Jira Software Data Center and Server
This High severity net.sourceforge.nekohtml:nekohtml Dependency vulnerability was introduced in versions 9.0.0, 9.1.0, 9.2.0, 9.3.0, 9.4.0, 9.5.0, 9.6.0, 9.7.0, 9.8.0, and 9.9.0 of Jira Software Data Center and Server. This net.sourceforge.nekohtml:nekohtml Dependency vulnerability, with a CVSS...
Atlassian Jira Service Management Data Center and Server 4.20.x < 4.20.28 / 5.4.x < 5.4.12 / 5.5.x < 5.11.3 / 5.12.0 (JSDSERVER-14873)
The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-14873 advisory. - HtmlUnit NekoHtml Parser before 2.61.0 suffers from a denial of service vulnerability. Crafted input...
DoS (Denial of Service) net.sourceforge.nekohtml:nekohtml Vulnerability in Jira Service Management Data Center and Server
This High severity Third-Party Dependency vulnerability was introduced in versions 4.20.0, 5.4.0, 5.5.0, 5.6.0, 5.7.0, 5.8.0, 5.9.0, 5.10.0, and 5.11.0 of Jira Service Management Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...
DoS (Denial of Service) net.sourceforge.nekohtml:nekohtml Vulnerability in Jira Service Management Data Center and Server
This High severity Third-Party Dependency vulnerability was introduced in versions 4.20.0, 5.4.0, 5.5.0, 5.6.0, 5.7.0, 5.8.0, 5.9.0, 5.10.0, and 5.11.0 of Jira Service Management Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...
The vulnerability of the Centralized Third-party JAR component (NekoHTML) of the Oracle WebLogic Server application server and the Oracle Fusion Middleware software platform, which allows a attacker to perform a “denial-of-service” attack.
The vulnerability of the Centralized Third-party JAR component NekoHTML of the Oracle WebLogic Server application server and the Oracle Fusion Middleware software is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to carry out a DoS...
GHSA-9849-P7JC-9RMV org.nokogiri:nekohtml vulnerable to Uncontrolled Resource Consumption
Summary The fork of org.cyberneko.html used by Nokogiri Rubygem raises a java.lang.OutOfMemoryError exception when parsing ill-formed HTML markup. Severity The maintainers have evaluated this as High Severity 7.5 CVSS3.1. Mitigation Upgrade to = 1.9.22.noko2. Credit This vulnerability was reporte...
GHSA-6JMM-MP6W-4RRG OutOfMemory Exception by specifically crafted processing instruction in NekoHtml Parser
Impact NekoHtml Parser suffers from a denial of service vulnerability on versions 2.60.0 and below. A specifically crafted input regarding the parsing of processing instructions leads to heap memory consumption. Please update to version 2.61.0. For more information If you have any questions or...
OutOfMemory Exception by specifically crafted processing instruction in NekoHtml Parser
Impact NekoHtml Parser suffers from a denial of service vulnerability on versions 2.60.0 and below. A specifically crafted input regarding the parsing of processing instructions leads to heap memory consumption. Please update to version 2.61.0. For more information If you have any questions or...
CVE-2022-29546
HtmlUnit NekoHtml Parser before 2.61.0 suffers from a denial of service vulnerability. Crafted input associated with the parsing of Processing Instruction PI data leads to heap memory consumption. This is similar to CVE-2022-28366 but affects a much later version of the product...
CVE-2022-29546
HtmlUnit NekoHtml Parser before 2.61.0 suffers from a denial of service vulnerability. Crafted input associated with the parsing of Processing Instruction PI data leads to heap memory consumption. This is similar to CVE-2022-28366 but affects a much later version of the product...
CVE-2022-29546
HtmlUnit NekoHtml Parser before 2.61.0 suffers from a denial of service vulnerability. Crafted input associated with the parsing of Processing Instruction PI data leads to heap memory consumption. This is similar to CVE-2022-28366 but affects a much later version of the product...
Design/Logic Flaw
HtmlUnit NekoHtml Parser before 2.61.0 suffers from a denial of service vulnerability. Crafted input associated with the parsing of Processing Instruction PI data leads to heap memory consumption. This is similar to CVE-2022-28366 but affects a much later version of the product...
CVE-2022-29546
HtmlUnit NekoHtml Parser before 2.61.0 suffers from a denial of service vulnerability. Crafted input associated with the parsing of Processing Instruction PI data leads to heap memory consumption. This is similar to CVE-2022-28366 but affects a much later version of the product...