Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2024-28184

Опубликовано: 09 мар. 2024
Источник: nvd
CVSS3: 7.4
EPSS Низкий

Описание

WeasyPrint helps web developers to create PDF documents. Since version 61.0, there's a vulnerability which allows attaching content of arbitrary files and URLs to a generated PDF document, even if url_fetcher is configured to prevent access to files and URLs. This vulnerability has been patched in version 61.2.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:kozea:weasyprint:*:*:*:*:*:*:*:*
Версия от 61.0 (включая) до 61.2 (исключая)
Конфигурация 2
cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*

EPSS

Процентиль: 32%
0.00123
Низкий

7.4 High

CVSS3

Дефекты

CWE-829

Связанные уязвимости

ubuntu логотип

CVE-2024-28184

CVSS3: 7.4
ubuntu
почти 2 года назад

WeasyPrint helps web developers to create PDF documents. Since version 61.0, there's a vulnerability which allows attaching content of arbitrary files and URLs to a generated PDF document, even if `url_fetcher` is configured to prevent access to files and URLs. This vulnerability has been patched in version 61.2.

debian логотип

CVE-2024-28184

CVSS3: 7.4
debian
почти 2 года назад

WeasyPrint helps web developers to create PDF documents. Since version ...

github логотип

GHSA-35jj-wx47-4w8r

CVSS3: 7.4
github
почти 2 года назад

WeasyPrint allows the attachment of arbitrary files and URLs to a PDF

EPSS

Процентиль: 32%
0.00123
Низкий

7.4 High

CVSS3

Дефекты

CWE-829