GHSA-rc44-5cmh-879m

Source

https://github.com/advisories/GHSA-rc44-5cmh-879m

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/05/GHSA-rc44-5cmh-879m/GHSA-rc44-5cmh-879m.json

JSON Data

https://api.osv.dev/v1/vulns/GHSA-rc44-5cmh-879m

Aliases

CVE-2023-2798

Published

2023-05-25T15:30:17Z

Modified

2023-11-08T04:12:08.188072Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

Unrestricted recursion in htmlunit

Details

Those using HtmlUnit to browse untrusted webpages may be vulnerable to Denial of service attacks (DoS). If HtmlUnit is running on user supplied web pages, an attacker may supply content that causes HtmlUnit to crash by a stack overflow. This effect may support a denial of service attack. This issue affects HtmlUnit before 2.70.0.

References

Affected packages

Maven / org.htmlunit:htmlunit

Package

Name: org.htmlunit:htmlunit; View open source insights on deps.dev
Purl: pkg:maven/org.htmlunit/htmlunit

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.70.0