Lucene search
K

13 matches found

NVD
NVD
added 2026/06/10 8:17 p.m.11 views

CVE-2026-46683

Snappy is a PHP library allowing thumbnail, snapshot or PDF generation from a url or a html page. Prior to version 1.7.0, there is a SSRF and local file read vulnerability via the xsl-style-sheet option. This issue has been patched in version 1.7.0...

6.9CVSS0.00249EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/10 7:53 p.m.10 views

EUVD-2026-36112

Snappy is a PHP library allowing thumbnail, snapshot or PDF generation from a url or a html page. Prior to version 1.7.0, there is a SSRF and local file read vulnerability via the xsl-style-sheet option. This issue has been patched in version 1.7.0...

6.9CVSS5.4AI score0.00249EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/10 7:53 p.m.7 views

CVE-2026-46683 Snappy: SSRF and local file read via the xsl-style-sheet option

Snappy is a PHP library allowing thumbnail, snapshot or PDF generation from a url or a html page. Prior to version 1.7.0, there is a SSRF and local file read vulnerability via the xsl-style-sheet option. This issue has been patched in version 1.7.0...

6.9CVSS5.3AI score0.00249EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/10 7:53 p.m.28 views

CVE-2026-46683 Snappy: SSRF and local file read via the xsl-style-sheet option

Snappy is a PHP library allowing thumbnail, snapshot or PDF generation from a url or a html page. Prior to version 1.7.0, there is a SSRF and local file read vulnerability via the xsl-style-sheet option. This issue has been patched in version 1.7.0...

6.9CVSS0.00249EPSS
Exploits0References2
OSV
OSV
added 2026/05/21 8:20 p.m.11 views

GHSA-C5FP-P67M-GQ56 Snappy : SSRF and local file read via the xsl-style-sheet option

Impact It impacts applications where: - the PHP daemon run with root permissions ; - the application is either running outside a container or has sensitive file access ; It could happens with this kind of workflows: php $stylesheet = $GET'stylesheet'; // = ‘file:///etc/passwd’ $pdf = new...

6.9CVSS5.8AI score0.00249EPSS
Exploits0References4
Snyk
Snyk
added 2026/05/21 8:20 p.m.10 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the xsl-style-sheet option. An attacker can access internal or remote resources and read arbitrary local files by supplying crafted input to the xsl-style-sheet parameter. Remediation Upgrade...

7.2CVSS6AI score0.00249EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.21 views

PT-2026-42702

Name of the Vulnerable Software and Affected Versions KnpSnappyBundle affected versions not specified Description An issue exists that allows Server-Side Request Forgery SSRF and local file read. This occurs when applications allow user-supplied input to be passed directly to the Snappy library,...

6.9CVSS5.8AI score0.00249EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2014/10/14 7:22 a.m.4 views

chromium: use-after-free in DOM, fixed in Chrome 38.0.2125.101

Use-after-free vulnerability in the ProcessingInstruction::setXSLStyleSheet function in core/dom/ProcessingInstruction.cpp in the DOM implementation in Blink, as used in Google Chrome before 38.0.2125.101, allows remote attackers to cause a denial of service or possibly have unspecified other...

7.5CVSS7.5AI score0.01669EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2009/04/09 12:0 a.m.11 views

Mandriva Update for libxslt MDVSA-2008:151 (libxslt)

Check for the Version of libxslt OpenVAS Vulnerability Test Mandriva Update for libxslt MDVSA-2008:151 libxslt Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

7.5CVSS0.5AI score0.1279EPSS
Exploits2References2
Prion
Prion
added 2008/05/23 3:32 p.m.19 views

Buffer overflow

Buffer overflow in pattern.c in libxslt before 1.1.24 allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via an XSL style sheet file with a long XSLT "transformation match" condition that triggers a large number of steps...

7.5CVSS7.9AI score0.1279EPSS
Exploits2References29Affected Software5
NVD
NVD
added 2008/05/23 3:32 p.m.15 views

CVE-2008-1767

Buffer overflow in pattern.c in libxslt before 1.1.24 allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via an XSL style sheet file with a long XSLT "transformation match" condition that triggers a large number of steps...

7.5CVSS7.5AI score0.1279EPSS
Exploits2References29
Debian CVE
Debian CVE
added 2008/05/23 2:0 p.m.21 views

CVE-2008-1767

Buffer overflow in pattern.c in libxslt before 1.1.24 allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via an XSL style sheet file with a long XSLT "transformation match" condition that triggers a large number of steps...

7.5CVSS7.5AI score0.1279EPSS
Exploits2
Cvelist
Cvelist
added 2008/05/23 2:0 p.m.21 views

CVE-2008-1767

Buffer overflow in pattern.c in libxslt before 1.1.24 allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via an XSL style sheet file with a long XSLT "transformation match" condition that triggers a large number of steps...

7.4AI score0.1279EPSS
Exploits2References29
Rows per page
Query Builder