CVE-2020-5529
CVSS v3.1
8.1 (High)
CVSS v2.0
6.8 (Medium)
EPSS
0.40 % (74th)
Affected Products
4
Advisories
2
HtmlUnit prior to 2.37.0 contains code execution vulnerabilities. HtmlUnit initializes Rhino engine improperly, hence a malicious JavScript code can execute arbitrary Java code on the application. Moreover, when embedded in Android application, Android-specific initialization of Rhino engine is done in an improper way, hence a malicious JavaScript code can execute arbitrary Java code on the application.
Weaknesses
- CWE-665
- Improper Initialization
- CVE Status
- PUBLISHED
- CNA
- JPCERT/CC
- Published Date
-
2020-02-11 12:15:21
(4 years ago) - Updated Date
-
2023-12-07 17:56:27
(9 months ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Configuration #3
|
Configuration #4
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...