Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2022-29546

Published: 25/04/2022 Updated: 07/12/2023
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Htmlunit

Vulnerability Summary

HtmlUnit NekoHtml Parser prior to 2.61.0 suffers from a denial of service vulnerability. Crafted input associated with the parsing of Processing Instruction (PI) data leads to heap memory consumption. This is similar to CVE-2022-28366 but affects a much later version of the product.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

htmlunit htmlunit

Github Repositories

https://github.com/HtmlUnit/htmlunit-neko

HtmlUnit adaptation of NekoHtml

HtmlUnit - NekoHtml Parser This is the code repository of the HTML parser used by HtmlUnit HtmlUnit has been using CyberNeko HTML parser (nekohtmlsourceforgenet/) for a long time But since the development was discontinued around 2014, we started our own fork, which now has many improvements As of version 2680, neko-htmlunit also uses its own fork of Xerces (https:

References

NVD-CWE-noinfohttps://github.com/HtmlUnit/htmlunit-neko/security/advisories/GHSA-6jmm-mp6w-4rrghttps://nvd.nist.govhttps://github.com/HtmlUnit/htmlunit-neko
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTICVE-2024-35863CVE-2024-35910man-in-the-middleCVE-2024-35912CVE-2024-25742LFICVE-2024-32002CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook