DSA-5471-1 libhtmlcleaner-java -- libhtmlcleaner-javaID: oval:org.secpod.oval:def:612607 | Date: (C)2023-08-25 (M)2023-12-01 |
Class: PATCH | Family: unix |
A security vulnerability has been discovered in libhtmlcleaner-java, a Java HTML parser library. An attacker was able to cause a denial of service if the parser runs on user supplied input with deeply nested HTML elements. This update introduces a new nesting depth limit which can be overridden in cleaner properties.
Platform: |
Debian 12.x |
Debian 11.x |
Product: |
libhtmlcleaner-java |