HtmlUnit/htmlunit

HtmlUnit/htmlunit

www.htmlunit.org

Releases150

Frequency2 weeks 5 days

Last Release 14 days ago

Stars946

HtmlUnit is a "GUI-Less browser for Java programs".

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2023-49093 ↗	Dec 4, 2023Monday, 4 December 2023, 05:15	9.8 CRITICAL	—
HtmlUnit is a GUI-less browser for Java programs. HtmlUnit is vulnerable to Remote Code Execution (RCE) via XSTL, when browsing the attacker’s webpage. This vulnerability has been patched in version 3.9.0
CVE-2023-2798 ↗	May 25, 2023Thursday, 25 May 2023, 14:15	7.5 HIGH	—
Those using HtmlUnit to browse untrusted webpages may be vulnerable to Denial of service attacks (DoS). If HtmlUnit is running on user supplied web pages, an attacker may supply content that causes HtmlUnit to crash by a stack overflow. This effect may support a denial of service attack.This issue affects htmlunit before 2.70.0.
CVE-2023-26119 ↗	Apr 3, 2023Monday, 3 April 2023, 05:15	9.8 CRITICAL	—
Versions of the package net.sourceforge.htmlunit:htmlunit from 0 and before 3.0.0 are vulnerable to Remote Code Execution (RCE) via XSTL, when browsing the attacker’s webpage.