jsoup: Java HTML Parser
How does this open source repository relate to critical infrastructure and healthcare?
jsoup is used by thousands of other Java libraries. On Maven Central, it is the #1 Java HTML library. Like xz, it is so ubiquitous that it could cause widespread harm if it is not secure.
What would vulnerabilities in this repository mean for critical infra & healthcare?
The most common vulnerabilities in this library would be denial-of-service flaws, which could impede processing of data or cause applications to fail.
Challenges
>>> Fetid Moppet
