CVE-2023-26119

Source
https://nvd.nist.gov/vuln/detail/CVE-2023-26119
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-26119.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-26119
Aliases
Published
2023-04-03T05:15:07Z
Modified
2025-10-21T13:10:15.302975Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

All versions of the package net.sourceforge.htmlunit:htmlunit before 3.0.0 are vulnerable to Remote Code Execution (RCE) via XSLT when HtmlUnit is used to browse an attacker's webpage.

References

Affected packages

Git / github.com/htmlunit/htmlunit

Affected ranges

Type
GIT
Repo
https://github.com/htmlunit/htmlunit
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

2.*

2.32
2.33
2.34.0
2.34.1
2.35.0
2.36.0
2.37.0
2.38.0
2.39.0
2.40.0
2.41.0
2.42.0
2.43.0
2.44.0
2.45.0
2.46.0
2.47.0
2.47.1
2.48.0
2.49.0
2.49.1
2.50.0
2.51.0
2.52.0
2.53.0
2.54.0
2.55.0
2.56.0
2.57.0
2.58.0
2.59.0
2.60.0
2.61.0
2.62.0
2.63.0
2.64.0
2.65.0
2.65.1
2.66.0
2.67.0
2.68.0
2.69.0
2.70.0

Database specific

vanir_signatures

[
    {
        "deprecated": false,
        "id": "CVE-2023-26119-513895e1",
        "source": "https://github.com/htmlunit/htmlunit/commit/641325bbc84702dc9800ec7037aec061ce21956b",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "171777225050924498416972636744546844729",
                "70942450868319234065984918453916458958",
                "334847649201847202458185048489366076333",
                "31359616917667150950904726572070822536"
            ]
        },
        "target": {
            "file": "src/test/java/com/gargoylesoftware/htmlunit/ErrorOutputChecker.java"
        },
        "signature_type": "Line",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "id": "CVE-2023-26119-603586e0",
        "source": "https://github.com/htmlunit/htmlunit/commit/641325bbc84702dc9800ec7037aec061ce21956b",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "274261369456765836027816845078440260503",
                "11614769475075093023453611754176269733",
                "184059309784038777432520057332627414718",
                "31044450823275473753597662008480377670",
                "328359485886127253646359573985645714525",
                "122180829079888755502123580293294713401"
            ]
        },
        "target": {
            "file": "src/main/java/com/gargoylesoftware/htmlunit/javascript/host/xml/XSLTProcessor.java"
        },
        "signature_type": "Line",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "id": "CVE-2023-26119-782212ac",
        "source": "https://github.com/htmlunit/htmlunit/commit/641325bbc84702dc9800ec7037aec061ce21956b",
        "digest": {
            "function_hash": "74088710259019809095931344913096964080",
            "length": 2156.0
        },
        "target": {
            "function": "test",
            "file": "src/test/java/com/gargoylesoftware/htmlunit/javascript/host/xml/XSLTProcessorTest.java"
        },
        "signature_type": "Function",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "id": "CVE-2023-26119-c32b202d",
        "source": "https://github.com/htmlunit/htmlunit/commit/641325bbc84702dc9800ec7037aec061ce21956b",
        "digest": {
            "function_hash": "162344608511115283735689510181925312773",
            "length": 2132.0
        },
        "target": {
            "function": "transform",
            "file": "src/main/java/com/gargoylesoftware/htmlunit/javascript/host/xml/XSLTProcessor.java"
        },
        "signature_type": "Function",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "id": "CVE-2023-26119-d43b1901",
        "source": "https://github.com/htmlunit/htmlunit/commit/641325bbc84702dc9800ec7037aec061ce21956b",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "64203618387258756882896776200406822193",
                "313595673679566976836557536900054409557",
                "171644551610232268736084988098432976817",
                "319284020816827656807646441537758177386",
                "259873915852380876035766417146364401369",
                "39078903860574443954872963853662247464",
                "81310441011758042291082070086755078727",
                "246736087606069207497508726992537863429",
                "280700300889566888831027954099738254290",
                "255712370256705073094499447932269220701",
                "8376852286202440068288579726479813888",
                "121877076920986961690591012757067221194",
                "94292169593231346563003529173005624260",
                "221558111766519664440545147564498218921",
                "243196542589541502601720253533030002559",
                "15594480912839159610102956588456195736",
                "36559859389371595406639550029889572792",
                "241955385900434255238976225605728761999",
                "322513736874799556525754232812226650639",
                "258368015953189710920910276862161777304",
                "35634128050972993116803545585189755568",
                "96587580050910009758855512804038166632",
                "227409631809124321408520685908253651593",
                "268041022880724802091735282190478894046",
                "122336481322888932882894773107083432696",
                "87760080672976708699242913642247212020",
                "278328096562159829659997548574615546767",
                "325665735310623814224899744479076042184",
                "91164877422802009213942952028553501167"
            ]
        },
        "target": {
            "file": "src/test/java/com/gargoylesoftware/htmlunit/javascript/host/xml/XSLTProcessorTest.java"
        },
        "signature_type": "Line",
        "signature_version": "v1"
    }
]