io.hawt:hawtio-system@1.5.11 vulnerabilities
latest version
4.2.0
first published
10 years ago
latest version published
2 months ago
licenses detected
- [1.2.3,)
package manager
Direct Vulnerabilities
Known vulnerabilities in the io.hawt:hawtio-system package. This does not include vulnerabilities belonging to this package’s dependencies.
How to fix?
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free| Vulnerability | Vulnerable Version |
|---|---|
io.hawt:hawtio-system is a hawtio package for creating a Java modular web console. Affected versions of this package are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) via the How to fix Arbitrary File Write via Archive Extraction (Zip Slip)? Upgrade | [,3.0-M7) |
io.hawt:hawtio-system is a hawtio package for creating a Java modular web console. Affected versions of this package are vulnerable to Cross-site Scripting (XSS). Multiple XSS issues exist within hawtio including the following areas:
How to fix Cross-site Scripting (XSS)? There is no fixed version for | [0,) |
io.hawt:hawtio-system is a hawtio package for creating a Java modular web console. Affected versions of this package are vulnerable to Server-Side Request Forgery (SSRF). It is possible for remote attacker to trigger an HTTP request from an affected server to an arbitrary host via the initial How to fix Server-Side Request Forgery (SSRF)? Upgrade | [,2.5.0) |