CVE-2022-29546 in Htmlunitproject and Htmlunit Products
Published on April 25, 2022
HtmlUnit NekoHtml Parser before 2.61.0 suffers from a denial of service vulnerability. Crafted input associated with the parsing of Processing Instruction (PI) data leads to heap memory consumption. This is similar to CVE-2022-28366 but affects a much later version of the product.
Products Associated with CVE-2022-29546
stack.watch emails you whenever new vulnerabilities are published in Htmlunitproject Htmlunit or Htmlunit. Just hit a watch button to start following.
Vulnerable Packages
The following package name and versions may be associated with CVE-2022-29546
| Package Manager | Vulnerable Package | Versions | Fixed In |
|---|---|---|---|
| maven | net.sourceforge.htmlunit:neko-htmlunit | < 2.61.0 | 2.61.0 |
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.