NodeJS/phantomjs/1.9.6-0


Headless WebKit with JS API

https://www.npmjs.com/package/phantomjs
Apache-2.0

1 Security Vulnerabilities

PhantomJS Arbitrary File Read

Published date: 2022-05-24T22:01:03Z
CVE: CVE-2019-17221
Links:

PhantomJS through 2.1.1 has an arbitrary file read vulnerability, as demonstrated by an XMLHttpRequest for a file:// URI. The vulnerability exists in the page.open() function of the webpage module, which loads a specified URL and calls a given callback. An attacker can supply a specially crafted HTML file, as user input, that allows reading arbitrary files on the filesystem. For example, if page.render() is the function callback, this generates a PDF or an image of the targeted file. NOTE: this product is no longer developed.

Affected versions: ["0.0.1", "0.0.2", "0.0.3", "0.0.4", "0.0.5", "0.0.6", "0.0.7", "0.0.8", "0.0.9", "0.1.0", "0.1.1", "0.2.0", "0.2.1", "0.2.2", "0.2.3", "0.2.4", "0.2.5", "0.2.6", "1.8.0-1", "1.8.1-1", "1.8.1-2", "1.8.1-3", "1.8.2-0", "1.8.2-1", "1.8.2-2", "1.9.0-0", "1.9.0-1", "1.9.0-2", "1.9.0-3", "1.9.0-4", "1.9.0-5", "1.9.0-6", "1.9.1-0", "1.9.1-2", "1.9.1-3", "1.9.1-4", "1.9.1-5", "1.9.1-6", "1.9.1-7", "1.9.1-8", "1.9.1-9", "1.9.2-0", "1.9.2-1", "1.9.2-2", "1.9.2-3", "1.9.2-4", "1.9.2-5", "1.9.2-6", "1.9.6-0", "1.9.7-1", "1.9.7-3", "1.9.7-4", "1.9.7-5", "1.9.7-6", "1.9.7-7", "1.9.7-8", "1.9.7-9", "1.9.7-10", "1.9.7-11", "1.9.7-12", "1.9.7-13", "1.9.7-14", "1.9.7-15", "1.8.2-3", "1.9.8", "1.9.9", "1.9.10", "1.9.11", "1.9.12", "1.9.13", "1.9.15", "1.9.16", "1.9.17", "1.9.18", "1.9.19", "2.1.1", "1.9.20"]
Secure versions: [2.1.2, 2.1.3-deprecated, 2.1.3, 2.1.7]
Recommendation: Update to version 2.1.7.

81 Other Versions

Version License Security Released
2.1.7 Apache-2.0 2016-04-07 - 14:53 almost 8 years
2.1.3 Apache-2.0 2016-01-28 - 04:47 about 8 years
2.1.3-deprecated Apache-2.0 2016-01-28 - 04:40 about 8 years
2.1.2 Apache-2.0 2016-01-25 - 22:56 about 8 years
2.1.1 Apache-2.0 1 2016-01-25 - 21:14 about 8 years
1.9.20 Apache-2.0 1 2016-03-31 - 17:15 almost 8 years
1.9.19 Apache-2.0 1 2015-11-24 - 16:38 over 8 years
1.9.18 Apache-2.0 1 2015-08-10 - 15:18 over 8 years
1.9.17 Apache-2.0 1 2015-05-21 - 16:16 almost 9 years
1.9.16 Apache-2.0 1 2015-03-03 - 18:09 about 9 years
1.9.15 Apache-2.0 1 2015-01-28 - 17:27 about 9 years
1.9.13 Apache-2.0 1 2014-12-19 - 18:04 over 9 years
1.9.12 Apache-2.0 1 2014-10-27 - 19:56 over 9 years
1.9.11 Apache-2.0 1 2014-10-16 - 16:12 over 9 years
1.9.10 Apache-2.0 1 2014-09-24 - 16:51 over 9 years
1.9.9 Apache-2.0 1 2014-09-17 - 18:39 over 9 years
1.9.8 Apache-2.0 1 2014-09-17 - 16:10 over 9 years
1.9.7-15 Apache-2.0 1 2014-07-23 - 13:41 over 9 years
1.9.7-14 Apache-2.0 1 2014-07-09 - 23:17 over 9 years
1.9.7-13 Apache-2.0 1 2014-07-09 - 16:13 over 9 years
1.9.7-12 Apache-2.0 1 2014-06-28 - 17:17 over 9 years
1.9.7-11 Apache-2.0 1 2014-06-28 - 17:12 over 9 years
1.9.7-10 Apache-2.0 1 2014-06-24 - 00:25 almost 10 years
1.9.7-9 Apache-2.0 1 2014-06-18 - 17:36 almost 10 years
1.9.7-8 Apache-2.0 1 2014-05-24 - 02:04 almost 10 years
1.9.7-7 Apache-2.0 1 2014-05-23 - 17:13 almost 10 years
1.9.7-6 Apache-2.0 1 2014-05-21 - 22:38 almost 10 years
1.9.7-5 Apache-2.0 1 2014-04-28 - 19:16 almost 10 years
1.9.7-4 Apache-2.0 1 2014-04-22 - 02:36 almost 10 years
1.9.7-3 Apache-2.0 1 2014-04-02 - 15:39 almost 10 years
1.9.7-1 Apache-2.0 1 2014-01-27 - 18:35 about 10 years
1.9.6-0 Apache-2.0 1 2014-01-24 - 17:31 about 10 years
1.9.2-6 Apache-2.0 1 2013-12-20 - 22:38 over 10 years
1.9.2-5 Apache-2.0 1 2013-12-05 - 22:01 over 10 years
1.9.2-4 Apache-2.0 1 2013-11-20 - 17:05 over 10 years
1.9.2-3 Apache-2.0 1 2013-11-19 - 17:12 over 10 years
1.9.2-2 Apache-2.0 1 2013-10-01 - 21:08 over 10 years
1.9.2-1 Apache-2.0 1 2013-09-19 - 14:45 over 10 years
1.9.2-0 Apache-2.0 1 2013-09-09 - 15:02 over 10 years
1.9.1-9 Apache-2.0 1 2013-09-03 - 16:11 over 10 years
1.9.1-8 Apache-2.0 1 2013-08-19 - 21:52 over 10 years
1.9.1-7 Apache-2.0 1 2013-08-19 - 18:38 over 10 years
1.9.1-6 Apache-2.0 1 2013-08-18 - 00:02 over 10 years
1.9.1-5 Apache-2.0 1 2013-08-14 - 22:26 over 10 years
1.9.1-4 Apache-2.0 1 2013-08-13 - 21:35 over 10 years
1.9.1-3 Apache-2.0 1 2013-08-13 - 18:28 over 10 years
1.9.1-2 Apache-2.0 1 2013-08-12 - 18:54 over 10 years
1.9.1-0 Apache-2.0 1 2013-06-13 - 14:36 almost 11 years
1.9.0-6 Apache-2.0 1 2013-05-29 - 01:28 almost 11 years
1.9.0-5 Apache-2.0 1 2013-05-28 - 17:07 almost 11 years
1.9.0-4 Apache-2.0 1 2013-05-17 - 17:11 almost 11 years
1.9.0-3 Apache-2.0 1 2013-04-23 - 02:34 almost 11 years
1.9.0-2 Apache-2.0 1 2013-04-14 - 17:05 almost 11 years
1.9.0-1 Apache-2.0 1 2013-04-02 - 23:17 almost 11 years
1.9.0-0 Apache-2.0 1 2013-03-25 - 21:11 about 11 years
1.8.2-3 Apache-2.0 1 2014-09-04 - 16:04 over 9 years
1.8.2-2 Apache-2.0 1 2013-03-20 - 16:17 about 11 years
1.8.2-1 Apache-2.0 1 2013-03-19 - 23:42 about 11 years
1.8.2-0 Apache-2.0 1 2013-03-11 - 20:18 about 11 years
1.8.1-3 Apache-2.0 1 2013-01-30 - 22:33 about 11 years
1.8.1-2 Apache-2.0 1 2013-01-30 - 21:19 about 11 years
1.8.1-1 Apache-2.0 1 2013-01-29 - 23:53 about 11 years
1.8.0-1 Apache-2.0 1 2012-12-23 - 17:52 over 11 years
0.2.6 Apache-2.0 1 2012-12-19 - 21:48 over 11 years
0.2.5 Apache-2.0 1 2012-12-19 - 21:25 over 11 years
0.2.4 Apache-2.0 1 2012-12-19 - 21:01 over 11 years
0.2.3 Apache-2.0 1 2012-11-25 - 18:36 over 11 years
0.2.2 Apache-2.0 1 2012-10-25 - 22:47 over 11 years
0.2.1 Apache-2.0 1 2012-10-22 - 15:45 over 11 years
0.2.0 Apache-2.0 1 2012-10-11 - 18:53 over 11 years
0.1.1 Apache-2.0 1 2012-10-11 - 16:52 over 11 years
0.1.0 Apache-2.0 1 2012-10-07 - 18:06 over 11 years
0.0.9 Apache-2.0 1 2012-10-05 - 14:53 over 11 years
0.0.8 Apache-2.0 1 2012-09-10 - 22:36 over 11 years
0.0.7 Apache-2.0 1 2012-09-10 - 22:32 over 11 years
0.0.6 Apache-2.0 1 2012-09-10 - 22:30 over 11 years
0.0.5 Apache-2.0 1 2012-09-10 - 22:28 over 11 years
0.0.4 Apache-2.0 1 2012-09-10 - 22:24 over 11 years
0.0.3 Apache-2.0 1 2012-09-10 - 22:23 over 11 years
0.0.2 Apache-2.0 1 2012-09-10 - 21:54 over 11 years
0.0.1 Apache-2.0 1 2012-09-10 - 21:20 over 11 years