CVE-2015-5522

Published August 11th, 2015

View on NVD ↗

CVSS v3

N/A

CVSS v2

6.8

MEDIUM

Affected

PROJECT

Description

Heap-based buffer overflow in the ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving a command character in an href.

htacg/tidy-html5

The granddaddy of HTML tools, with support for modern standards

GitHub

2.84K