webmagic-extension v0.9.0 and below was discovered to contain a code injection vulnerability via the component us.codecraft.webmagic.downloader.PhantomJSDownloader.
References
Link | Resource |
---|---|
https://github.com/code4craft/webmagic/issues/1122 | Exploit Issue Tracking |
Configurations
History
03 Aug 2023, 18:09
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-94 | |
First Time |
Code4craft webmagic
Code4craft |
|
CPE | cpe:2.3:a:code4craft:webmagic:*:*:*:*:*:*:*:* | |
References | (MISC) https://github.com/code4craft/webmagic/issues/1122 - Exploit, Issue Tracking | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
28 Jul 2023, 15:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-07-28 15:15
Updated : 2024-02-28 20:33
NVD link : CVE-2023-39015
Mitre link : CVE-2023-39015
CVE.ORG link : CVE-2023-39015
JSON object : View
Products Affected
code4craft
- webmagic
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')