Wiremock
This hub aggregates every CVE we track for Wiremock, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
6
CVEs tracked
2
Critical
0
High
0
In CISA KEV
Severity distribution
MEDIUM3CRITICAL2LOW1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 6 most recently published vulnerabilities affecting Wiremock.
- CVE-2023-50069WireMock with GUI versions 3.2.0.0 through 3.0.4.0 are vulnerable to stored cross-site scripting (SXSS) through the recording feature. An attacker can host a malicious payload and perform a test ma...6.1
- CVE-2023-39967Full read and controlled SSRF through URL parameter when testing a request inside wiremock-studio10.0
- CVE-2023-41327Controlled SSRF through URL in the WireMock4.6
- CVE-2023-41329Domain restrictions bypass via DNS Rebinding in WireMock and WireMock Studio3.9
- CVE-2018-9117WireMock before 2.16.0 contains a vulnerability that allows a remote unauthenticated attacker to access local files beyond the application directory via a specially crafted XML request, aka Directo...5.3
- CVE-2018-9116An XXE vulnerability within WireMock before 2.16.0 allows a remote unauthenticated attacker to access local files and internal resources and potentially cause a Denial of Service.9.1
Product normalization is registry-driven with AI assist and human review. How it works