org.fitnesse:fitnesse@20241207 vulnerabilities

  • latest version

    20241207

  • first published

    17 years ago

  • latest version published

    18 days ago

  • licenses detected

  • package manager

  • Direct Vulnerabilities

    Known vulnerabilities in the org.fitnesse:fitnesse package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • H
    Command Injection

    org.fitnesse:fitnesse is a web server, a wiki and an automated testing tool for software.

    Affected versions of this package are vulnerable to Command Injection. An authenticated attacker can execute arbitrary OS commands by sending crafted requests.

    Note: It is recommended to use FitNesse Safely as decribed in the Security Policy .

    How to fix Command Injection?

    There is no fixed version for org.fitnesse:fitnesse.

    [0,)
    • M
    Improper Restriction of XML External Entity Reference

    org.fitnesse:fitnesse is a web server, a wiki and an automated testing tool for software.

    Affected versions of this package are vulnerable to Improper Restriction of XML External Entity Reference allowing an attacker to obtain sensitive information, alter data or cause a denial-of-service condition.

    How to fix Improper Restriction of XML External Entity Reference?

    There is no fixed version for org.fitnesse:fitnesse.

    [0,)