Common Weakness Enumeration

CWE-755

Discouraged

Improper Handling of Exceptional Conditions

Abstraction: Class · Status: Incomplete

The product does not handle or incorrectly handles an exceptional condition.

686 vulnerabilities reference this CWE, most recent first.

GHSA-C474-F694-3XX6

Vulnerability from github – Published: 2022-05-24 17:00 – Updated: 2022-05-24 17:00
VLAI
Details

A CWE-248: Uncaught Exception vulnerability exists in Modicon M580, Modicon M340, Modicon BMxCRA and 140CRA modules (all firmware versions), which could cause a Denial of Service attack on the PLC when upgrading the firmware with a missing web server image inside the package using FTP protocol.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-6842"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-755"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-10-29T19:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A CWE-248: Uncaught Exception vulnerability exists in Modicon M580, Modicon M340, Modicon BMxCRA and 140CRA modules (all firmware versions), which could cause a Denial of Service attack on the PLC when upgrading the firmware with a missing web server image inside the package using FTP protocol.",
  "id": "GHSA-c474-f694-3xx6",
  "modified": "2022-05-24T17:00:05Z",
  "published": "2022-05-24T17:00:05Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-6842"
    },
    {
      "type": "WEB",
      "url": "https://www.schneider-electric.com/ww/en/download/document/SEVD-2019-281-02"
    },
    {
      "type": "WEB",
      "url": "https://www.se.com/ww/en/download/document/SEVD-2019-281-02"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-C4PM-63CG-9J7H

Vulnerability from github – Published: 2022-12-08 15:52 – Updated: 2025-01-17 17:06
VLAI
Summary
Yauaa vulnerable to ArrayIndexOutOfBoundsException triggered by a crafted Sec-Ch-Ua-Full-Version-List
Details

Impact

Applications using the Client Hints analysis feature introduced with 7.0.0 can crash because the Yauaa library throws an ArrayIndexOutOfBoundsException. Applications that do not use this feature are not affected.

Patches

Upgrade to 7.9.0

Workarounds

Catch and discard any exceptions from Yauaa.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "nl.basjes.parse.useragent:yauaa"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "7.0.0"
            },
            {
              "fixed": "7.9.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "nl.basjes.parse.useragent:yauaa-beam"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "7.0.0"
            },
            {
              "fixed": "7.9.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "nl.basjes.parse.useragent:yauaa-beam-sql"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "7.0.0"
            },
            {
              "fixed": "7.9.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "nl.basjes.parse.useragent:yauaa-drill"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "7.0.0"
            },
            {
              "fixed": "7.9.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "nl.basjes.parse.useragent:yauaa-elasticsearch"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "7.0.0"
            },
            {
              "fixed": "7.9.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "nl.basjes.parse.useragent:yauaa-elasticsearch-8"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "7.0.0"
            },
            {
              "fixed": "7.9.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "nl.basjes.parse.useragent:yauaa-flink"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "7.0.0"
            },
            {
              "fixed": "7.9.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "nl.basjes.parse.useragent:yauaa-flink-table"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "7.0.0"
            },
            {
              "fixed": "7.9.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "nl.basjes.parse.useragent:yauaa-hive"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "7.0.0"
            },
            {
              "fixed": "7.9.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "nl.basjes.parse.useragent:yauaa-logparser"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "7.0.0"
            },
            {
              "fixed": "7.9.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "nl.basjes.parse.useragent:yauaa-snowflake"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "7.0.0"
            },
            {
              "fixed": "7.9.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "nl.basjes.parse.useragent:yauaa-trino"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "7.0.0"
            },
            {
              "fixed": "7.9.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-23496"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-755"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-12-08T15:52:54Z",
    "nvd_published_at": "2022-12-08T22:15:00Z",
    "severity": "HIGH"
  },
  "details": "### Impact\nApplications using the Client Hints analysis feature introduced with 7.0.0 can crash because the Yauaa library throws an ArrayIndexOutOfBoundsException. Applications that do not use this feature are not affected.\n\n### Patches\nUpgrade to 7.9.0\n\n### Workarounds\nCatch and discard any exceptions from Yauaa.\n",
  "id": "GHSA-c4pm-63cg-9j7h",
  "modified": "2025-01-17T17:06:53Z",
  "published": "2022-12-08T15:52:54Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/nielsbasjes/yauaa/security/advisories/GHSA-c4pm-63cg-9j7h"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23496"
    },
    {
      "type": "WEB",
      "url": "https://github.com/nielsbasjes/yauaa/commit/3017a866e2cff0d308f264b66fde4fa79e3beb9e"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/nielsbasjes/yauaa"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Yauaa vulnerable to ArrayIndexOutOfBoundsException triggered by a crafted Sec-Ch-Ua-Full-Version-List"
}

GHSA-C5VR-66HV-6685

Vulnerability from github – Published: 2022-05-24 16:58 – Updated: 2022-05-24 16:58
VLAI
Details

The flowd process, responsible for forwarding traffic in SRX Series services gateways, may crash and restart when processing specific transit IP packets through an IPSec tunnel. Continued processing of these packets may result in an extended Denial of Service (DoS) condition. This issue only occurs when IPSec tunnels are configured. Systems without IPSec tunnel configurations are not vulnerable to this issue. This issue affects Juniper Networks Junos OS: 15.1X49 versions prior to 15.1X49-D171, 15.1X49-D180 on SRX Series; 18.2 versions 18.2R2-S1 and later, prior to 18.2R3 on SRX Series; 18.4 versions prior to 18.4R2 on SRX Series.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-0060"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-755"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-10-09T20:15:00Z",
    "severity": "HIGH"
  },
  "details": "The flowd process, responsible for forwarding traffic in SRX Series services gateways, may crash and restart when processing specific transit IP packets through an IPSec tunnel. Continued processing of these packets may result in an extended Denial of Service (DoS) condition. This issue only occurs when IPSec tunnels are configured. Systems without IPSec tunnel configurations are not vulnerable to this issue. This issue affects Juniper Networks Junos OS: 15.1X49 versions prior to 15.1X49-D171, 15.1X49-D180 on SRX Series; 18.2 versions 18.2R2-S1 and later, prior to 18.2R3 on SRX Series; 18.4 versions prior to 18.4R2 on SRX Series.",
  "id": "GHSA-c5vr-66hv-6685",
  "modified": "2022-05-24T16:58:12Z",
  "published": "2022-05-24T16:58:12Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0060"
    },
    {
      "type": "WEB",
      "url": "https://kb.juniper.net/JSA10959"
    },
    {
      "type": "WEB",
      "url": "https://www.juniper.net/documentation/en_US/junos/topics/topic-map/ipsec-tunnel-traffic-configuration.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-C5W8-CWH4-JH73

Vulnerability from github – Published: 2022-05-13 01:36 – Updated: 2022-05-13 01:36
VLAI
Details

fedora-arm-installer up to and including 1.99.16 is vulnerable to local privilege escalation due to lack of checking the error condition of mount operation failure on unsafely created temporary directories.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-7496"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-391",
      "CWE-755"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-06-26T14:29:00Z",
    "severity": "HIGH"
  },
  "details": "fedora-arm-installer up to and including 1.99.16 is vulnerable to local privilege escalation due to lack of checking the error condition of mount operation failure on unsafely created temporary directories.",
  "id": "GHSA-c5w8-cwh4-jh73",
  "modified": "2022-05-13T01:36:20Z",
  "published": "2022-05-13T01:36:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7496"
    },
    {
      "type": "WEB",
      "url": "https://pagure.io/arm-image-installer/pull-request/10"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-C5X8-2V3C-Q27C

Vulnerability from github – Published: 2023-04-18 00:32 – Updated: 2024-04-04 03:31
VLAI
Details

An Improper Check or Handling of Exceptional Conditions vulnerability in packet processing on the network interfaces of Juniper Networks Junos OS on JRR200 route reflector appliances allows an adjacent, network-based attacker sending a specific packet to the device to cause a kernel crash, resulting in a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue can only be triggered by an attacker on the local broadcast domain. Packets routed to the device are unable to trigger this crash. This issue affects Juniper Networks Junos OS on JRR200: All versions prior to 21.2R3-S4; 21.3 versions prior to 21.3R3-S4; 21.4 versions prior to 21.4R3-S3; 22.1 versions prior to 22.1R3-S1; 22.2 versions prior to 22.2R2-S2, 22.2R3; 22.3 versions prior to 22.3R1-S2, 22.3R2; 22.4 versions prior to 22.4R1-S1, 22.4R2.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-28970"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-703",
      "CWE-755"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-04-17T22:15:09Z",
    "severity": "MODERATE"
  },
  "details": "An Improper Check or Handling of Exceptional Conditions vulnerability in packet processing on the network interfaces of Juniper Networks Junos OS on JRR200 route reflector appliances allows an adjacent, network-based attacker sending a specific packet to the device to cause a kernel crash, resulting in a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue can only be triggered by an attacker on the local broadcast domain. Packets routed to the device are unable to trigger this crash. This issue affects Juniper Networks Junos OS on JRR200: All versions prior to 21.2R3-S4; 21.3 versions prior to 21.3R3-S4; 21.4 versions prior to 21.4R3-S3; 22.1 versions prior to 22.1R3-S1; 22.2 versions prior to 22.2R2-S2, 22.2R3; 22.3 versions prior to 22.3R1-S2, 22.3R2; 22.4 versions prior to 22.4R1-S1, 22.4R2.",
  "id": "GHSA-c5x8-2v3c-q27c",
  "modified": "2024-04-04T03:31:29Z",
  "published": "2023-04-18T00:32:01Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28970"
    },
    {
      "type": "WEB",
      "url": "https://supportportal.juniper.net/JSA70594"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-C6HX-PJC3-7FQR

Vulnerability from github – Published: 2022-10-10 21:23 – Updated: 2022-10-13 20:08
VLAI
Summary
Traefik HTTP/2 connections management could cause a denial of service
Details

Impact

There is a potential vulnerability in Traefik managing HTTP/2 connections. A closing HTTP/2 server connection could hang forever because of a subsequent fatal error. This failure mode could be exploited to cause a denial of service.

Patches

Traefik v2.8.x: https://github.com/traefik/traefik/releases/tag/v2.8.8 Traefik v2.9.x: https://github.com/traefik/traefik/releases/tag/v2.9.0-rc5

Workarounds

No workaround.

For more information

If you have any questions or comments about this advisory, please open an issue.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/traefik/traefik/v2"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.8.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/traefik/traefik/v2"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.9.0-rc1"
            },
            {
              "fixed": "2.9.0-rc5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-39271"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400",
      "CWE-755"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-10-10T21:23:30Z",
    "nvd_published_at": "2022-10-11T14:15:00Z",
    "severity": "HIGH"
  },
  "details": "### Impact\n\nThere is a potential vulnerability in Traefik managing HTTP/2 connections.\nA closing HTTP/2 server connection could hang forever because of a subsequent fatal error. This failure mode could be exploited to cause a denial of service.\n\n### Patches\n\nTraefik v2.8.x: https://github.com/traefik/traefik/releases/tag/v2.8.8\nTraefik v2.9.x: https://github.com/traefik/traefik/releases/tag/v2.9.0-rc5\n\n### Workarounds\n\nNo workaround.\n\n### For more information\n\nIf you have any questions or comments about this advisory, please [open an issue](https://github.com/traefik/traefik/issues).\n",
  "id": "GHSA-c6hx-pjc3-7fqr",
  "modified": "2022-10-13T20:08:57Z",
  "published": "2022-10-10T21:23:30Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/traefik/traefik/security/advisories/GHSA-c6hx-pjc3-7fqr"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-39271"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/traefik/traefik"
    },
    {
      "type": "WEB",
      "url": "https://github.com/traefik/traefik/releases/tag/v2.8.8"
    },
    {
      "type": "WEB",
      "url": "https://github.com/traefik/traefik/releases/tag/v2.9.0-rc5"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Traefik HTTP/2 connections management could cause a denial of service"
}

GHSA-C8RX-QGHV-2WWG

Vulnerability from github – Published: 2022-04-12 00:00 – Updated: 2022-04-19 00:01
VLAI
Details

In atf (hwfde), there is a possible leak of sensitive information due to incorrect error handling. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06171729; Issue ID: ALPS06171729.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-20066"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-755"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-04-11T20:15:00Z",
    "severity": "MODERATE"
  },
  "details": "In atf (hwfde), there is a possible leak of sensitive information due to incorrect error handling. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06171729; Issue ID: ALPS06171729.",
  "id": "GHSA-c8rx-qghv-2wwg",
  "modified": "2022-04-19T00:01:24Z",
  "published": "2022-04-12T00:00:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-20066"
    },
    {
      "type": "WEB",
      "url": "https://corp.mediatek.com/product-security-bulletin/April-2022"
    },
    {
      "type": "WEB",
      "url": "https://corp.mediatek.com/product-security-bulletin/May-2022"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-C9VM-HV86-F23R

Vulnerability from github – Published: 2026-04-10 19:20 – Updated: 2026-04-15 20:44
VLAI
Summary
justhtml includes multiple security fixes
Details

Summary

justhtml 1.15.0 includes multiple security fixes affecting URL sanitization helpers, HTML serialization, Markdown passthrough, and several custom sanitization-policy edge cases.

These issues have different impact levels and do not all affect the default configuration in the same way.

Affected versions

  • justhtml <= 1.14.0

Fixed version

  • justhtml 1.15.0 released on April 9, 2026

Impact overview

Helper and serialization issues

These issues could affect applications using JustHTML helpers or programmatic DOM construction, even outside the default HTML sanitization path.

  • JustHTML.clean_url_value(...) and clean_url_in_js_string(...) could accept URL values such as javascript&#58;..., which became active javascript: URLs after HTML attribute parsing.
  • URL sanitization could treat values like \\evil.example/x or /\\evil.example/x as safe relative URLs even though browsers could resolve them as remote requests.
  • Malformed bracketed hosts such as https://[evil.example]/x could raise exceptions and crash sanitization when host allowlists were used.
  • Programmatic element or attribute names containing markup-breaking characters could be serialized into active HTML.
  • Programmatic HTML comments containing --> could break out of the comment and inject live markup.

Markdown passthrough issue

  • to_markdown(html_passthrough=True) could reintroduce active HTML from sanitized <textarea> content by emitting a raw closing </textarea> sequence.

Custom policy issues

These issues affected custom policies more than the default safe configuration.

  • a[ping] was handled as a single URL even though browsers interpret it as a space-separated URL list.
  • attributionsrc was not treated as URL-bearing and could preserve attacker-controlled reporting endpoints.
  • link[imagesrcset] was not treated as URL-bearing and could preserve attacker-controlled image candidates.
  • Preserved <meta http-equiv="refresh"> tags could keep redirect targets without URL-policy enforcement.
  • Preserved <base href> tags could rewrite how later relative URLs resolved in the browser.
  • Preserved <style> blocks could keep resource-loading CSS such as @import, url(...), or image-set(...).
  • Mixed-case attribute names in custom transform pipelines could bypass or confuse security-related transforms such as DropAttrs(...), DropUrlAttrs(...), AllowStyleAttrs(...), and MergeAttrs(...).

Default configuration

Most of the custom-policy issues above did not affect the default JustHTML(..., sanitize=True) behavior.

The main exceptions were: - helper APIs such as clean_url_value(...) - programmatic DOM / serializer usage - applications explicitly using html_passthrough=True - applications using custom policies or custom transform pipelines

Recommended action

Upgrade to justhtml 1.15.0.

If you cannot upgrade immediately:

  • avoid html_passthrough=True for untrusted content
  • avoid preserving <style>, <meta http-equiv="refresh">, and <base href> in custom policies
  • avoid allowing ping, attributionsrc, or imagesrcset unless you explicitly validate them
  • avoid serializing untrusted programmatic node names, attribute names, or comment data
Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 1.14.0"
      },
      "package": {
        "ecosystem": "PyPI",
        "name": "justhtml"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.15.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [],
  "database_specific": {
    "cwe_ids": [
      "CWE-178",
      "CWE-20",
      "CWE-755",
      "CWE-79"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-04-10T19:20:04Z",
    "nvd_published_at": null,
    "severity": "MODERATE"
  },
  "details": "## Summary\n\n`justhtml` `1.15.0` includes multiple security fixes affecting URL sanitization helpers, HTML serialization, Markdown passthrough, and several custom sanitization-policy edge cases.\n\nThese issues have different impact levels and do not all affect the default configuration in the same way.\n\n## Affected versions\n\n- `justhtml` `\u003c= 1.14.0`\n\n## Fixed version\n\n- `justhtml` `1.15.0` released on April 9, 2026\n\n## Impact overview\n\n### Helper and serialization issues\nThese issues could affect applications using JustHTML helpers or programmatic DOM construction, even outside the default HTML sanitization path.\n\n- `JustHTML.clean_url_value(...)` and `clean_url_in_js_string(...)` could accept URL values such as `javascript\u0026#58...`, which became active `javascript:` URLs after HTML attribute parsing.\n- URL sanitization could treat values like `\\\\evil.example/x` or `/\\\\evil.example/x` as safe relative URLs even though browsers could resolve them as remote requests.\n- Malformed bracketed hosts such as `https://[evil.example]/x` could raise exceptions and crash sanitization when host allowlists were used.\n- Programmatic element or attribute names containing markup-breaking characters could be serialized into active HTML.\n- Programmatic HTML comments containing `--\u003e` could break out of the comment and inject live markup.\n\n### Markdown passthrough issue\n- `to_markdown(html_passthrough=True)` could reintroduce active HTML from sanitized `\u003ctextarea\u003e` content by emitting a raw closing `\u003c/textarea\u003e` sequence.\n\n### Custom policy issues\nThese issues affected custom policies more than the default safe configuration.\n\n- `a[ping]` was handled as a single URL even though browsers interpret it as a space-separated URL list.\n- `attributionsrc` was not treated as URL-bearing and could preserve attacker-controlled reporting endpoints.\n- `link[imagesrcset]` was not treated as URL-bearing and could preserve attacker-controlled image candidates.\n- Preserved `\u003cmeta http-equiv=\"refresh\"\u003e` tags could keep redirect targets without URL-policy enforcement.\n- Preserved `\u003cbase href\u003e` tags could rewrite how later relative URLs resolved in the browser.\n- Preserved `\u003cstyle\u003e` blocks could keep resource-loading CSS such as `@import`, `url(...)`, or `image-set(...)`.\n- Mixed-case attribute names in custom transform pipelines could bypass or confuse security-related transforms such as `DropAttrs(...)`, `DropUrlAttrs(...)`, `AllowStyleAttrs(...)`, and `MergeAttrs(...)`.\n\n## Default configuration\n\nMost of the custom-policy issues above did **not** affect the default `JustHTML(..., sanitize=True)` behavior.\n\nThe main exceptions were:\n- helper APIs such as `clean_url_value(...)`\n- programmatic DOM / serializer usage\n- applications explicitly using `html_passthrough=True`\n- applications using custom policies or custom transform pipelines\n\n## Recommended action\n\nUpgrade to `justhtml` `1.15.0`.\n\nIf you cannot upgrade immediately:\n\n- avoid `html_passthrough=True` for untrusted content\n- avoid preserving `\u003cstyle\u003e`, `\u003cmeta http-equiv=\"refresh\"\u003e`, and `\u003cbase href\u003e` in custom policies\n- avoid allowing `ping`, `attributionsrc`, or `imagesrcset` unless you explicitly validate them\n- avoid serializing untrusted programmatic node names, attribute names, or comment data",
  "id": "GHSA-c9vm-hv86-f23r",
  "modified": "2026-04-15T20:44:03Z",
  "published": "2026-04-10T19:20:04Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/EmilStenstrom/justhtml/security/advisories/GHSA-c9vm-hv86-f23r"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/EmilStenstrom/justhtml"
    },
    {
      "type": "WEB",
      "url": "https://github.com/EmilStenstrom/justhtml/compare/v1.14.0...v1.15.0"
    },
    {
      "type": "WEB",
      "url": "https://github.com/EmilStenstrom/justhtml/releases/tag/v1.15.0"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [],
  "summary": "justhtml includes multiple security fixes"
}

GHSA-CCGJ-PH26-HF87

Vulnerability from github – Published: 2022-05-13 01:36 – Updated: 2022-05-13 01:36
VLAI
Details

Certain 802.11 network management messages have been determined to invoke wireless access point blacklisting security defenses when not required, which can necessitate intervention by hospital staff to reset the device and reestablish a network connection to the Wi-Fi access point. During this state, the Philips IntelliVue MX40 Version B.06.18 can either connect to an alternative access point within signal range for association to a central monitoring station, or it can remain in local monitoring mode until the device is reset by hospital staff. CVSS v3 base score: 6.5, CVSS vector string: AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H. Philips has released software update, Version B.06.18, to fix the improper cleanup on thrown exception vulnerability, and implement mitigations to reduce the risk associated with the improper handling of exceptional conditions vulnerability. The software update implements messaging and alarming on the MX40 and at the central monitoring station, when the MX40 disconnects from the access point.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-9658"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-755"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-04-30T15:29:00Z",
    "severity": "MODERATE"
  },
  "details": "Certain 802.11 network management messages have been determined to invoke wireless access point blacklisting security defenses when not required, which can necessitate intervention by hospital staff to reset the device and reestablish a network connection to the Wi-Fi access point. During this state, the Philips IntelliVue MX40 Version B.06.18 can either connect to an alternative access point within signal range for association to a central monitoring station, or it can remain in local monitoring mode until the device is reset by hospital staff. CVSS v3 base score: 6.5, CVSS vector string: AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H. Philips has released software update, Version B.06.18, to fix the improper cleanup on thrown exception vulnerability, and implement mitigations to reduce the risk associated with the improper handling of exceptional conditions vulnerability. The software update implements messaging and alarming on the MX40 and at the central monitoring station, when the MX40 disconnects from the access point.",
  "id": "GHSA-ccgj-ph26-hf87",
  "modified": "2022-05-13T01:36:04Z",
  "published": "2022-05-13T01:36:04Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9658"
    },
    {
      "type": "WEB",
      "url": "https://ics-cert.us-cert.gov/advisories/ICSMA-17-255-01"
    },
    {
      "type": "WEB",
      "url": "https://www.usa.philips.com/healthcare/about/customer-support/product-security"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/100813"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CFCV-4R42-7465

Vulnerability from github – Published: 2022-05-24 19:17 – Updated: 2022-05-24 19:17
VLAI
Details

An Improper Handling of Exceptional Conditions vulnerability in the processing of a transit or directly received malformed IPv6 packet in Juniper Networks Junos OS results in a kernel crash, causing the device to restart, leading to a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue only affects systems with IPv6 configured. Devices with only IPv4 configured are not vulnerable to this issue. This issue affects Juniper Networks Junos OS: 19.4 versions prior to 19.4R3; 20.1 versions prior to 20.1R2; 20.2 versions prior to 20.2R1-S1, 20.2R2. This issue does not affect Juniper Networks Junos OS versions prior to 19.4R1.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-0299"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-755"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-10-19T19:15:00Z",
    "severity": "HIGH"
  },
  "details": "An Improper Handling of Exceptional Conditions vulnerability in the processing of a transit or directly received malformed IPv6 packet in Juniper Networks Junos OS results in a kernel crash, causing the device to restart, leading to a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue only affects systems with IPv6 configured. Devices with only IPv4 configured are not vulnerable to this issue. This issue affects Juniper Networks Junos OS: 19.4 versions prior to 19.4R3; 20.1 versions prior to 20.1R2; 20.2 versions prior to 20.2R1-S1, 20.2R2. This issue does not affect Juniper Networks Junos OS versions prior to 19.4R1.",
  "id": "GHSA-cfcv-4r42-7465",
  "modified": "2022-05-24T19:17:55Z",
  "published": "2022-05-24T19:17:55Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-0299"
    },
    {
      "type": "WEB",
      "url": "https://kb.juniper.net/JSA11213"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.