Icedtea Webproject Icedtea Web
By the Year
In 2021 there have been 0 vulnerabilities in Icedtea Webproject Icedtea Web . Icedtea Web did not have any published security vulnerabilities last year.
It may take a day or so for new Icedtea Web vulnerabilities to show up. Additionally vulnerabilities may be tagged under a different product or component name.
Latest Icedtea Webproject Icedtea Web Security Vulnerabilities
It was found that icedtea-web though 1.7.2 and 1.8.2 did not properly sanitize paths from <jar/> elements in JNLP files
6.5 - Medium
- July 31, 2019
It was found that icedtea-web though 1.7.2 and 1.8.2 did not properly sanitize paths from <jar/> elements in JNLP files. An attacker could trick a victim into running a specially crafted application and use this flaw to upload arbitrary files to arbitrary locations in the context of the user.
CVE-2019-10182 is exploitable with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality, a high impact on integrity, and no impact on availability.