CVE-2017-17497

Published December 10th, 2017

View on NVD ↗

CVSS v3

7.5

HIGH

CVSS v2

MEDIUM

Affected

PROJECT

Description

In Tidy 5.7.0, the prvTidyTidyMetaCharset function in clean.c allows attackers to cause a denial of service (Segmentation Fault), because the currentNode variable in the "children of the head" processing feature is modified in the loop without validating the new value.

htacg/tidy-html5

The granddaddy of HTML tools, with support for modern standards

GitHub

2.84K