OESA-2024-1073
- Source
- https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1073
- Import Source
- https://repo.openeuler.org/security/data/osv/OESA-2024-1073.json
- JSON Data
- https://api.osv.dev/v1/vulns/OESA-2024-1073
- Upstream
- Published
- 2024-01-12T11:06:48Z
- Modified
- 2025-09-03T06:17:26.024561Z
- Summary
- tidy security update
- Details
-
When editing HTML it's easy to make mistakes. Wouldn't it be nice if there was a simple way to fix these mistakes automatically and tidy up sloppy editing into nicely laid out markup? Well now there is! Dave Raggett's HTML TIDY is a free utility for doing just that. It also works great on the atrociously hard to read markup generated by specialized HTML editors and conversion tools, and can help you identify where you need to pay further attention on making your pages more accessible to people with disabilities.
Security Fix(es):
An issue in HTACG HTML Tidy v5.7.28 allows attacker to execute arbitrary code via the -g option of the CleanNode() function in gdoc.c.(CVE-2021-33391)
- Database specific
{ "severity": "Critical" }- References
Affected packages
openEuler:22.03-LTS-SP3 / tidy
Package
- Name
- tidy
- Purl
- pkg:rpm/openEuler/tidy&distro=openEuler-22.03-LTS-SP3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.7.28-2.oe2203sp3
Ecosystem specific
{
"src": [
"tidy-5.7.28-2.oe2203sp3.src.rpm"
],
"noarch": [
"tidy-help-5.7.28-2.oe2203sp3.noarch.rpm"
],
"x86_64": [
"libtidy-5.7.28-2.oe2203sp3.x86_64.rpm",
"tidy-5.7.28-2.oe2203sp3.x86_64.rpm",
"tidy-debuginfo-5.7.28-2.oe2203sp3.x86_64.rpm",
"libtidy-devel-5.7.28-2.oe2203sp3.x86_64.rpm",
"tidy-debugsource-5.7.28-2.oe2203sp3.x86_64.rpm"
],
"aarch64": [
"tidy-debuginfo-5.7.28-2.oe2203sp3.aarch64.rpm",
"libtidy-5.7.28-2.oe2203sp3.aarch64.rpm",
"tidy-debugsource-5.7.28-2.oe2203sp3.aarch64.rpm",
"tidy-5.7.28-2.oe2203sp3.aarch64.rpm",
"libtidy-devel-5.7.28-2.oe2203sp3.aarch64.rpm"
]
}