Lucene search
GoogleOSV:GHSA-G9HH-VVX3-V37VHistoryApr 23, 2022 - 12:03 a.m.
Denial of service in HtmlUnit-Neko
2022-04-2300:03:04
Google
osv.dev
9
denial of service
htmlunit-neko
cyberneko html
html parsers
processing instruction
heap memory consumption
owasp antisamy
cve-2022-24939
vulnerability
software
EPSS
0.001
Percentile
44.0%
Certain Neko-related HTML parsers allow a denial of service via crafted Processing Instruction (PI) input that causes excessive heap memory consumption. In particular, this issue exists in HtmlUnit-Neko through 2.26, and is fixed in 2.27. This issue also exists in CyberNeko HTML through 1.9.22 (also affecting OWASP AntiSamy before 1.6.6), but 1.9.22 is the last version of CyberNeko HTML. NOTE: this may be related to CVE-2022-24939.
Related
github
github
Denial of service in HtmlUnit-Neko
2022-04-23 00:03:04
cvelist
cvelist
CVE-2022-24939 Malformed Zigbee packet with invalid destination address causes Assert
2022-11-17 23:35:55
CVE-2022-28366
2022-04-21 22:41:53
CVE-2022-29546
2022-04-25 02:54:59
nvd
nvd
cve
cve
prion
prion
Stack overflow
2022-11-18 00:15:00
Input validation
2022-04-21 23:15:00
Design/Logic Flaw
2022-04-25 03:15:00
veracode
veracode
Denial Of Service (DoS)
2022-04-22 08:18:14
atlassian
atlassian
nessus
nessus
Atlassian Jira Service Management Data Center and Server 4.20 < 4.20.28 / 5.4.x < 5.4.12 / 5.5.x < 5.11.3 / 5.12.0 (JSDSERVER-14921)
2024-01-12 00:00:00
ubuntucve
ubuntucve
CVE-2022-28366
2022-04-21 00:00:00
debiancve
debiancve
CVE-2022-28366
2022-04-21 23:15:10
osv
osv
CVE-2022-28366
2022-04-21 23:15:10
CVE-2022-29546
2022-04-25 03:15:07
ibm
ibm