net.sourceforge.htmlunit:htmlunit

Maven2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting net.sourceforge.htmlunit:htmlunitpage 1 of 1

CVE-2020-5529HIGHCVSS 8.1EG 8.1✓ Fixed in 2.37.0
2020-02-11
vulnerable: 1.14 ... 2.9 (40 versions)
HtmlUnit prior to 2.37.0 contains code execution vulnerabilities. HtmlUnit initializes Rhino engine improperly, hence a malicious JavScript code can execute arbitrary Java code on the application. Moreover, when embedded in Android applica…
CVE-2023-26119CRITICALCVSS 9.8EG 9.8✓ Fixed in 3.0.0
2023-04-03
vulnerable: 1.14 ... 2.9 (78 versions)
Versions of the package net.sourceforge.htmlunit:htmlunit from 0 and before 3.0.0 are vulnerable to Remote Code Execution (RCE) via XSTL, when browsing the attacker’s webpage.

Check whether net.sourceforge.htmlunit:htmlunit is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for net.sourceforge.htmlunit:htmlunit CVEs against the assets you own.

Start Free Scan →