Description

An issue was discovered htmlcleaner thru = 2.28 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies.

Remediation

References

https://github.com/amplafi/htmlcleaner/issues/13

https://lists.debian.org/debian-lts-announce/2023/08/msg00007.html

https://www.debian.org/security/2023/dsa-5471

Related Vulnerabilities

CVE-2022-22969 Vulnerability in maven package org.springframework.security.oauth:spring-security-oauth

CVE-2023-50732 Vulnerability in maven package org.xwiki.platform:xwiki-platform-index-tree-macro

CVE-2022-42003 Vulnerability in maven package com.fasterxml.jackson.core:jackson-databind

CVE-2022-43417 Vulnerability in maven package org.jenkins-ci.plugins:katalon

CVE-2021-23397 Vulnerability in npm package @ianwalter/merge

Severity

High

Classification

CWE-787 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Exploit Issue Tracking Third Party Advisory