Description
webmagic-extension v0.9.0 and below was discovered to contain a code injection vulnerability via the component us.codecraft.webmagic.downloader.PhantomJSDownloader.
Remediation
References
https://github.com/code4craft/webmagic/issues/1122
Related Vulnerabilities
CVE-2019-1003000 Vulnerability in maven package org.jenkins-ci.plugins:script-security
CVE-2021-25916 Vulnerability in npm package patchmerge
CVE-2021-21349 Vulnerability in maven package com.thoughtworks.xstream:xstream
CVE-2020-7687 Vulnerability in npm package fast-http
CVE-2022-22881 Vulnerability in maven package org.jeecgframework.boot:jeecg-boot-base