EUVD-2021-0801

Malware in sbrugna...

GHSA-934W-HVJ4-7FR6 Path Traversal in jsreport-chrome-pdf

This affects the package jsreport-chrome-pdf before 1.10.0...

Path Traversal in jsreport-chrome-pdf

This affects the package jsreport-chrome-pdf before 1.10.0...

Arbitrary File Read

jsreport-chrome-pdf is vulnerable to arbitrary file read. An attacker can send malicious requests via lib/conversion.js to read arbitrary local files...

CVE-2020-7762

This affects the package jsreport-chrome-pdf before 1.10.0...

CVE-2020-7762

This affects the package jsreport-chrome-pdf before 1.10.0...

Code injection

This affects the package jsreport-chrome-pdf before 1.10.0...

CVE-2020-7762 Arbitrary File Read

This affects the package jsreport-chrome-pdf before 1.10.0...

CVE-2020-7762

CVE-2020-7762 affects the package jsreport-chrome-pdf prior to version 1.10.0. The vulnerability enables an arbitrary file read via the vulnerability in the code path tied to lib/conversion.js, as documented by multiple sources (Snyk entry and GitHub advisory). Impact is: attacker can read local ...

Arbitrary File Read

Overview jsreport-chrome-pdf is a Affected versions of this package are vulnerable to Arbitrary File Read. An Arbitrary File Read vulnerability exists in lib/conversion.js. PoC document.writewindow.location='../../../../../etc/passwd' Remediation Upgrade jsreport-chrome-pdf to version 1.10.0 or...

jsreport (>=2.0.0 <=2.1.0), jsreport-keycloak-auth (>=0.0.1 <=0.0.2) potentially affected by CVE-2020-7762 via jsreport-chrome-pdf (>=1.0.0 <=1.0.2)

jsreport-chrome-pdf NPM version =1.0.0, =2.0.0, =0.0.1, =0.0.2 Source cves: CVE-2020-7762 Source advisory: SNYK:JS-JSREPORTCHROMEPDF-1037310...