4 matches found
CVE-2025-3192
Versions of the package spatie/browsershot from 0.0.0 are vulnerable to Server-side Request Forgery SSRF in the setUrl function due to a missing restriction on user input, enabling attackers to access localhost and list all of its directories...
CVE-2025-3192
Versions of the package spatie/browsershot from 0.0.0 are vulnerable to Server-side Request Forgery SSRF in the setUrl function due to a missing restriction on user input, enabling attackers to access localhost and list all of its directories...
CVE-2025-3192
Versions of the package spatie/browsershot from 0.0.0 are vulnerable to Server-side Request Forgery SSRF in the setUrl function due to a missing restriction on user input, enabling attackers to access localhost and list all of its directories...
CVE-2025-3192
CVE-2025-3192 affects the Spatie/browsershot package with SSRF in the setUrl() function caused by insufficient input validation. Connected sources identify vulnerable ranges such as 0.0.0 (and up to 3.1 in PT-2025-14839) and, per GHSA guidance, from 0.0.0 to 5.0.3. The underlying issue allows an ...