Количество 2
Количество 2
CVE-2022-43984
Browsershot version 3.57.3 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not validate that the JS content imported from an external source passed to the Browsershot::html method does not contain URLs that use the file:// protocol.
GHSA-6q49-35h6-rq2p
Browsershot version 3.57.3 vulnerable to improper input validation
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-43984 Browsershot version 3.57.3 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not validate that the JS content imported from an external source passed to the Browsershot::html method does not contain URLs that use the file:// protocol. | CVSS3: 8.2 | 0% Низкий | около 3 лет назад |
| GHSA-6q49-35h6-rq2p Browsershot version 3.57.3 vulnerable to improper input validation | CVSS3: 6.1 | 0% Низкий | около 3 лет назад |
Уязвимостей на страницу