tidy (SUSE:Linux Enterprise Software Development Kit 11 SP4) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Software Development Kit 11 SP4 package tidy, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (2)
CVE-2015-5522 — CVSS 6.8 (medium): Heap-based buffer overflow in the ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service…
CVE-2015-5523 — CVSS 4.3 (medium): The ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving…