Homepage

html5validator@0.3.1 vulnerabilities

Validate HTML5 files.

  • latest version

    0.4.2

  • first published

    11 years ago

  • latest version published

    3 years ago

  • licenses detected

  • View html5validator package health on Snyk Advisor  (opens in a new tab)
    • Go back to all versions of this package
    Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the html5validator package. This does not include vulnerabilities belonging to this package’s dependencies.

    Fix vulnerabilities automatically

    Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

    Fix for free
    VulnerabilityVulnerable Version
    • M
    Server-side Request Forgery (SSRF)

    html5validator is a Validate HTML5 files.

    Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) due to the improper implementation of localhost bypass protection. An attacker can cause the server to initiate arbitrary HTTP or HTTPS requests to internal network resources by using DNS rebinding resulting in to loopback addresses, including those on localhost, by bypassing hostname-based protections using DNS rebinding techniques or domains that resolve to loopback addresses.

    How to fix Server-side Request Forgery (SSRF)?

    There is no fixed version for html5validator.

    [0,)
    Go back to all versions of this package