Wiremock Wiremock
6 CVEs affecting Wiremock Wiremock. Latest disclosed: 2023-12-29. Critical: 2, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-39967 | Critical | 10.0 | 2023-09-06 | WireMock is a tool for mocking HTTP services. When certain request URLs like “@127.0.0.1:1234" are used in WireMock Studio configuration fields, the request mi… |
CVE-2018-9116 | Critical | 9.1 | 2018-03-29 | An XXE vulnerability within WireMock before 2.16.0 allows a remote unauthenticated attacker to access local files and internal resources and potentially cause… |
CVE-2023-50069 | Medium | 6.1 | 2023-12-29 | WireMock with GUI versions 3.2.0.0 through 3.0.4.0 are vulnerable to stored cross-site scripting (SXSS) through the recording feature. An attacker can host a m… |
CVE-2018-9117 | Medium | 5.3 | 2018-03-29 | WireMock before 2.16.0 contains a vulnerability that allows a remote unauthenticated attacker to access local files beyond the application directory via a spec… |
CVE-2023-41327 | Medium | 4.6 | 2023-09-06 | WireMock is a tool for mocking HTTP services. WireMock can be configured to only permit proxying (and therefore recording) to certain addresses. This is achiev… |
CVE-2023-41329 | Low | 3.9 | 2023-09-06 | WireMock is a tool for mocking HTTP services. The proxy mode of WireMock, can be protected by the network restrictions configuration, as documented in Preventi… |