
30 matches found

NVD
added last week · 8 views

CVE-2026-46683

Snappy is a PHP library allowing thumbnail, snapshot or PDF generation from a url or a html page. Prior to version 1.7.0, there is a SSRF and local file read vulnerability via the xsl-style-sheet option. This issue has been patched in version 1.7.0...

CVSS 6.9 · EPSS 0.00249
Exploits: 0 · References: 2
Vulnrichment
added last week · 4 views

CVE-2026-46683 Snappy: SSRF and local file read via the xsl-style-sheet option

Snappy is a PHP library allowing thumbnail, snapshot or PDF generation from a url or a html page. Prior to version 1.7.0, there is a SSRF and local file read vulnerability via the xsl-style-sheet option. This issue has been patched in version 1.7.0...

CVSS 6.9 · AI score 5.3 · EPSS 0.00249
Exploits: 0 · References: 2
Cvelist
added last week · 26 views

CVE-2026-46683 Snappy: SSRF and local file read via the xsl-style-sheet option

Snappy is a PHP library allowing thumbnail, snapshot or PDF generation from a url or a html page. Prior to version 1.7.0, there is a SSRF and local file read vulnerability via the xsl-style-sheet option. This issue has been patched in version 1.7.0...

CVSS 6.9 · EPSS 0.00249
Exploits: 0 · References: 2
Cvelist
added last week · 26 views

CVE-2026-46643 Snappy: Binary path is never shell-escaped due to an inverted is_executable check

Snappy is a PHP library allowing thumbnail, snapshot or PDF generation from a url or a html page. Prior to version 1.7.1, on POSIX, escapeshellarg('/usr/bin/wkhtmltopdf') returns the literal string '/usr/bin/wkhtmltopdf' with the single-quote characters included. is_executable then looks for a file...

CVSS 7.5 · EPSS 0.00147
Exploits: 0 · References: 2
EUVD
added last week · 8 views

EUVD-2026-36111

Snappy is a PHP library allowing thumbnail, snapshot or PDF generation from a url or a html page. Prior to version 1.7.1, on POSIX, escapeshellarg('/usr/bin/wkhtmltopdf') returns the literal string '/usr/bin/wkhtmltopdf' with the single-quote characters included. is_executable then looks for a file...

CVSS 7.5 · AI score 5.5 · EPSS 0.00147
Exploits: 0 · References: 2
CNNVD
added 2026/06/10 12:0 a.m. · 2 views

Snappy operating system command injection vulnerability

Snappy is a PHP library developed by KNP Labs’ individual developers. It allows for the generation of thumbnails, snapshots, or PDFs from URLs or HTML pages. Prior to Snappy 1.7.1, there was a vulnerability related to operating system command injection. This vulnerability stemmed from the...

CVSS 7.5 · AI score 5.5 · EPSS 0.00147
Exploits: 0 · References: 1
Github Security Blog
added 2026/05/21 8:20 p.m. · 5 views

Snappy: SSRF and local file read via the xsl-style-sheet option

Impact: It impacts applications where: - the PHP daemon runs with root permissions; - the application is either running outside a container or has sensitive file access. It could happen with this kind of workflow (PHP): $stylesheet = $_GET['stylesheet']; // = 'file:///etc/passwd' $pdf = new...

CVSS 6.9 · AI score 5.8 · EPSS 0.00249
Exploits: 0 · References: 4 · Affected Software: 1
EUVD
added 2025/10/03 8:7 p.m. · 3 views

EUVD-2024-1986

Malicious code in bioql PyPI...

CVSS 5.3 · AI score 5.8 · EPSS 0.00483
Exploits: 0 · References: 3
BDU FSTEC
added 2025/07/14 12:0 a.m. · 3 views

The vulnerability of the PHP Snappy library relates to incorrect restrictions on the path to the restricted directory. This allows attackers to gain unauthorized access to local files and directories.

The vulnerability of the PHP Snappy library is related to an incorrect limitation on the path name for the restricted access directory. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to local files and directories on the server when...

CVSS 8.6 · AI score 5.5
Exploits: 0 · References: 1 · Affected Software: 1
BDU FSTEC
added 2025/07/14 12:0 a.m. · 2 views

The vulnerability of the PHP Snappy library, related to insufficient validation of requests on the server side, allows an attacker to perform an SSRF attack.

The vulnerability of the PHP Snappy library is related to insufficient validation of requests on the server side. Exploiting this vulnerability allows a malicious actor to execute an SSRF attack by sending a specially crafted HTTP request remotely...

CVSS 5.8 · AI score 5.6
Exploits: 0 · References: 1 · Affected Software: 1
RedhatCVE
added 2025/05/23 6:1 a.m. · 3 views

CVE-2023-28115

Snappy is a PHP library allowing thumbnail, snapshot or PDF generation from a url or a html page. Prior to version 1.4.2, Snappy is vulnerable to PHAR deserialization due to a lack of checking on the protocol before passing it into the file_exists function. If an attacker can upload files of any...

CVSS 9.8 · AI score 8.4 · EPSS 0.03207
Exploits: 1 · References: 1
Positive Technologies
added 2025/04/29 12:0 a.m. · 4 views

PT-2025-29479 · Gnu · Snappy

The vulnerability in the PHP Snappy library is related to insufficient validation of requests on the server side. Exploiting the vulnerability may allow a remote attacker to perform an SSRF attack by sending a specially crafted HTTP request...

CVSS 5 · AI score 7.3
Exploits: 0 · References: 2
IBM Security Bulletins
added 2025/03/10 6:10 p.m. · 13 views

Security Bulletin: Snappy is a compression/decompression library which affects watsonx.data

Summary: Snappy is a compression/decompression library. When uncompressing certain data, Snappy tries to read outside the bounds of the given byte arrays, which may impact watsonx.data. Vulnerability Details: CVEID: CVE-2024-36124. DESCRIPTION: iq80 Snappy is a compression/decompression library. When...

CVSS 5.3 · AI score 5.6 · EPSS 0.00483
Exploits: 0 · Affected Software: 1
Veracode
added 2024/08/27 10:21 a.m. · 11 views

Improper Input Validation

Google Snappy library is vulnerable to Improper Input Validation. The vulnerability is due to an overlap in the memcpy parameters, which could result in a crash or unintended read from other parts of process memory...

CVSS 8.1 · AI score 6.4 · EPSS 0.0043
Exploits: 0 · References: 3 · Affected Software: 2
CNNVD
added 2023/09/25 12:0 a.m. · 2 views

Snappy security breach

Snappy is a PHP library from the individual developers at KNP Labs that allows thumbnails, snapshots or PDFs to be generated from url or html pages. A security vulnerability exists in Snappy 1.1.10.3 and earlier versions, which stems from a lack of upper bound checking on the block length of...

CVSS 7.5 · AI score 7.1 · EPSS 0.0104
Exploits: 1 · References: 7
CNNVD
added 2023/09/06 12:0 a.m. · 22 views

Snappy Code Issue Vulnerability

Snappy is a PHP library from KNP Labs Individual Developers that allows thumbnails, snapshots, or PDFs to be generated from url or html pages. Snappy is vulnerable to a code issue. An attacker can exploit this vulnerability to remotely execute code...

CVSS 9.8 · AI score 7.3 · EPSS 0.01877
Exploits: 1 · References: 4
CNNVD
added 2023/06/15 12:0 a.m. · 2 views

Snappy input validation error vulnerability

Snappy is a PHP library from KNP Labs Individual Developers that allows thumbnails, snapshots, or PDFs to be generated from url or html pages. An input validation error vulnerability exists in Snappy in versions prior to snappy-java 1.1.10.1, which stems from an unchecked multiplication operation th...

CVSS 7.5 · AI score 6.9 · EPSS 0.01762
Exploits: 1 · References: 10
BDU FSTEC
added 2023/04/10 12:0 a.m. · 2 views

The vulnerability of the generateFromHtml() function in the PHP Snappy library allows a hacker to execute arbitrary code.

The vulnerability of the generateFromHtml function in the PHP Snappy library is related to the restoration of unreliable data in memory. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...

CVSS 10 · AI score 8.2 · EPSS 0.03207
Exploits: 1 · References: 8 · Affected Software: 2
OSV
added 2023/03/17 10:15 p.m. · 1 view

DEBIAN-CVE-2023-28115

Snappy is a PHP library allowing thumbnail, snapshot or PDF generation from a url or a html page. Prior to version 1.4.2, Snappy is vulnerable to PHAR deserialization due to a lack of checking on the protocol before passing it into the file_exists function. If an attacker can upload files of any...

CVSS 9.8 · AI score 9.5 · EPSS 0.03207
Exploits: 1 · References: 1
CNNVD
added 2023/03/17 12:0 a.m. · 2 views

Snappy code issue vulnerability

Snappy is a PHP library from the individual developers at KNP Labs that allows thumbnails, snapshots or PDFs to be generated from url or html pages. A code issue vulnerability exists in versions of Snappy prior to 1.4.2 that stems from a lack of protocol checks. An attacker can exploit this...

CVSS 9.8 · AI score 8.3 · EPSS 0.03207
Exploits: 1 · References: 7