Search CVE reports
1 – 4 of 4 results
HtmlUnit is a GUI-less browser for Java programs. HtmlUnit is vulnerable to Remote Code Execution (RCE) via XSTL, when browsing the attacker’s webpage. This vulnerability has been patched in version 3.9.0
1 affected package
htmlunit
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| htmlunit | Not in release | Not in release | Not in release | Not in release | Vulnerable |
Those using HtmlUnit to browse untrusted webpages may be vulnerable to Denial of service attacks (DoS). If HtmlUnit is running on user supplied web pages, an attacker may supply content that causes HtmlUnit to crash by a stack...
2 affected packages
htmlunit, jenkins-htmlunit-core-js
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| htmlunit | Not in release | Not in release | Not in release | Not in release | Ignored |
| jenkins-htmlunit-core-js | Not in release | Not in release | Not in release | Ignored | Ignored |
HtmlUnit prior to 2.37.0 contains code execution vulnerabilities. HtmlUnit initializes Rhino engine improperly, hence a malicious JavScript code can execute arbitrary Java code on the application. Moreover, when embedded...
1 affected package
htmlunit
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| htmlunit | Not in release | Not in release | Not in release | Not in release | Ignored |
Server-side request forgery (SSRF) vulnerability in feed-proxy.php in extjs 5.0.0.
3 affected packages
htmlunit, icinga-web, libjs-extjs
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| htmlunit | — | — | — | — | Not affected |
| icinga-web | — | — | — | — | Not in release |
| libjs-extjs | — | — | — | — | Not affected |