Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

1 – 3 of 3 results

CVE-2021-33391

Medium priority

Some fixes available 6 of 8

An issue in HTACG HTML Tidy v5.7.28 allows attacker to execute arbitrary code via the -g option of the CleanNode() function in gdoc.c.

1 affected packages

tidy-html5

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
tidy-html5 Fixed Fixed Fixed Vulnerable Ignored
Show less packages

CVE-2017-17497

Low priority
Ignored

In Tidy 5.7.0, the prvTidyTidyMetaCharset function in clean.c allows attackers to cause a denial of service (Segmentation Fault), because the currentNode variable in the "children of the head" processing feature is modified in the...

2 affected packages

tidy, tidy-html5

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
tidy Not in release Not in release Not affected
tidy-html5 Not affected Not affected Not in release
Show less packages

CVE-2017-13692

Medium priority
Not affected

In Tidy 5.5.31, the IsURLCodePoint function in attrs.c allows attackers to cause a denial of service (Segmentation Fault), as demonstrated by an invalid ISALNUM argument.

2 affected packages

tidy, tidy-html5

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
tidy Not affected
tidy-html5 Not in release
Show less packages