CVE-2015-5522
Publication date 16 July 2015
Last updated 24 July 2024
Ubuntu priority
Heap-based buffer overflow in the ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving a command character in an href.
Status
Package | Ubuntu Release | Status |
---|---|---|
tidy | ||
14.04 LTS trusty |
Fixed 20091223cvs-1.2ubuntu1.1
|
|
References
Related Ubuntu Security Notices (USN)
- USN-2695-1
- HTML Tidy vulnerabilities
- 29 July 2015