VYPR

npm package

phantomjs

pkg:npm/phantomjs

Vulnerabilities (1)

  • CVE-2019-17221Nov 5, 2019
    affected <= 2.1.1

    PhantomJS through 2.1.1 has an arbitrary file read vulnerability, as demonstrated by an XMLHttpRequest for a file:// URI. The vulnerability exists in the page.open() function of the webpage module, which loads a specified URL and calls a given callback. An attacker can supply a s