HTACG tidy-html5 alloc.c defaultAlloc memory leak

June 22, 2025 invoker category_cve

CVE Details

Basic Information

Title HTACG tidy-html5 alloc.c defaultAlloc memory leak
Type cve
Published 2025-06-23T01:31:05.868Z
Last Seen

Product Information

Vendor HTACG
Product tidy-html5
Version 5.8.0

CVSS Information

Base Score 4.8 (MEDIUM)
Attack Vector CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P
Confidentiality Impact
Integrity Impact
Availability Impact

AI Analysis

AI Description A memory leak vulnerability in HTACG tidy-html5’s defaultAlloc function can be exploited locally, potentially causing resource exhaustion.
AI Severity Low
Vendor HTACG
Product tidy-html5
Affected Version 5.8.0

Affected Products

  • HTACG tidy-html5 5.8.0

Additional Information

CVE List
CWE List CWE-401, CWE-404
Bulletin Family

Description

A vulnerability classified as problematic has been found in HTACG tidy-html5 5.8.0. Affected is the function defaultAlloc of the file src/alloc.c. The manipulation leads to memory leak. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.