Vulnerability Details CVE-2017-13692
In Tidy 5.5.31, the IsURLCodePoint function in attrs.c allows attackers to cause a denial of service (Segmentation Fault), as demonstrated by an invalid ISALNUM argument.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 50.6%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References