HIGH 7.5
PYSEC-2024-301
Details
Pyhtml2pdf version 0.0.6 allows an external attacker to remotely obtain
arbitrary local files. This is possible because the application does not
validate the HTML content entered by the user.
Affected packages
PyPI / pyhtml2pdf
First affected version: 0
No fixed version published yet for pyhtml2pdf (pip). Pin to a known-safe version or switch to an alternative.
References
- https://pypi.org/project/pyhtml2pdf/ [PACKAGE]
- https://fluidattacks.com/advisories/oliver/ [EVIDENCE]