Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:11 a.m.4 views

CVE-2025-1022

Versions of the package spatie/browsershot before 5.0.5 are vulnerable to Improper Input Validation in the setHtml function, invoked by Browsershot::html, which can be bypassed by omitting the slashes in the file URI e.g., file:../../../../etc/passwd. This is due to missing validations of the use...

8.8CVSS6.5AI score0.00437EPSS
Exploits0References1
NVD
NVD
added 2025/02/05 5:15 a.m.11 views

CVE-2025-1022

Versions of the package spatie/browsershot before 5.0.5 are vulnerable to Improper Input Validation in the setHtml function, invoked by Browsershot::html, which can be bypassed by omitting the slashes in the file URI e.g., file:../../../../etc/passwd. This is due to missing validations of the use...

8.8CVSS0.00437EPSS
Exploits0References4
Circl
Circl
added 2025/02/05 5:8 a.m.7 views

CVE-2025-1022

creationtimestamp| type| source ---|---|--- 2025-02-05 05:08:11+00:00| seen| https://infosec.exchange/users/cve/statuses/113949546296359039 2025-02-05 05:15:33+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhfsvjh7k62t 2025-02-05 06:48:35+00:00| seen|...

8.8CVSS5.3AI score0.00437EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2025/02/05 5:0 a.m.6 views

CVE-2025-1022

Versions of the package spatie/browsershot before 5.0.5 are vulnerable to Improper Input Validation in the setHtml function, invoked by Browsershot::html, which can be bypassed by omitting the slashes in the file URI e.g., file:../../../../etc/passwd. This is due to missing validations of the use...

8.8CVSS8.1AI score0.00437EPSS
Exploits0References4
CVE
CVE
added 2025/02/05 5:0 a.m.69 views

CVE-2025-1022

Versions of spatie/browsershot before 5.0.5 are vulnerable to Improper Input Validation in the setHtml function, invoked by Browsershot::html(). An attacker can bypass validation by omitting slashes in the file URI (for example, file:../../../../etc/passwd), due to missing input filtering that sh...

8.8CVSS6.7AI score0.00437EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/02/05 5:0 a.m.15 views

CVE-2025-1022

Versions of the package spatie/browsershot before 5.0.5 are vulnerable to Improper Input Validation in the setHtml function, invoked by Browsershot::html, which can be bypassed by omitting the slashes in the file URI e.g., file:../../../../etc/passwd. This is due to missing validations of the use...

8.8CVSS0.00437EPSS
Exploits0References4
Rows per page
Query Builder