net.sourceforge.htmlunit:htmlunit@2.19 vulnerabilities
- latest version: 2.70.0
- first published: 17 years ago
- latest version published: 2 years ago
- licenses detected: [0,)
- package manager
Direct Vulnerabilities
Known vulnerabilities in the net.sourceforge.htmlunit:htmlunit package. This does not include vulnerabilities belonging to this package’s dependencies.
Vulnerability | Vulnerable Version |
---|---|
net.sourceforge.htmlunit:htmlunit is a GUI-Less browser for Java programs. Affected versions of this package are vulnerable to Denial of Service (DoS). If HtmlUnit runs on user-supplied web pages, an attacker may supply content that causes HtmlUnit to crash with a stack overflow. Note: If the payload is sent to an API endpoint that accepts user-supplied input without sanitization or validation, this vulnerability can be triggered without user interaction. How to fix Denial of Service (DoS)? Upgrade | [,2.70.0) |
net.sourceforge.htmlunit:htmlunit is a GUI-Less browser for Java programs. Affected versions of this package are vulnerable to Remote Code Execution (RCE) via XSLT when browsing the attacker’s webpage. Note: Users are advised to upgrade to How to fix Remote Code Execution (RCE)? A fix was pushed into the | [0,) |
net.sourceforge.htmlunit:htmlunit is a GUI-Less browser for Java programs. Affected versions of this package are vulnerable to Remote Code Execution (RCE). It initializes the Rhino engine improperly, so malicious JavaScript code can execute arbitrary Java code on the application. How to fix Remote Code Execution (RCE)? Upgrade | [,2.37.0) |