7 matches found
EUVD-2021-1099
Malware in sbrugna...
GHSA-HCQ6-H8V2-R5WM Server-Side Request Forgery in node-pdf-generator
This affects all versions of package node-pdf-generator up to and including 0.0.6. Due to lack of user input validation and sanitization done to the content given to node-pdf-generator, it is possible for an attacker to craft a url that will be passed to an external server allowing an SSRF attack...
Server-Side Request Forgery in node-pdf-generator
This affects all versions of package node-pdf-generator up to and including 0.0.6. Due to lack of user input validation and sanitization done to the content given to node-pdf-generator, it is possible for an attacker to craft a url that will be passed to an external server allowing an SSRF attack...
CVE-2020-7740
This affects all versions of package node-pdf-generator. Due to lack of user input validation and sanitization done to the content given to node-pdf-generator, it is possible for an attacker to craft a url that will be passed to an external server allowing an SSRF attack...
Input validation
This affects all versions of package node-pdf-generator. Due to lack of user input validation and sanitization done to the content given to node-pdf-generator, it is possible for an attacker to craft a url that will be passed to an external server allowing an SSRF attack...
CVE-2020-7740
CVE-2020-7740 affects node-pdf-generator (all versions up to 0.0.6 per GHSA entry). The root cause is lack of user input validation and sanitization for content fed to the module, enabling an attacker to craft a URL that is passed to an external server, resulting in Server-Side Request Forgery (S...
Server-Side Request Forgery (SSRF)
Overview node-pdf-generator is a Web server to generate PDF's from HTML Affected versions of this package are vulnerable to Server-Side Request Forgery SSRF. Due to lack of user input validation and sanitization done to the content given to node-pdf-generator, it is possible for an attacker to...