Every CVE whose affected-product data names Htacg Tidy, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2021-33391 — CVSS 9.8 (critical): An issue in HTACG HTML Tidy v5.7.28 allows attacker to execute arbitrary code via the -g option of the CleanNode() function in gdoc.c.
CVE-2017-13692 — CVSS 7.5 (high): In Tidy 5.5.31, the IsURLCodePoint function in attrs.c allows attackers to cause a denial of service (Segmentation Fault), as demonstrated…
CVE-2017-17497 — CVSS 7.5 (high): In Tidy 5.7.0, the prvTidyTidyMetaCharset function in clean.c allows attackers to cause a denial of service (Segmentation Fault), because…
CVE-2015-5522 — CVSS 6.8 (medium): Heap-based buffer overflow in the ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service…
CVE-2015-5523 — CVSS 4.3 (medium): The ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving…
CVE-2025-6498 — CVSS 3.3 (low): A vulnerability classified as problematic has been found in HTACG tidy-html5 5.8.0. Affected is the function defaultAlloc of the file…