49 matches found
pdf-image 安全漏洞
pdf-image is a Node.js tool developed by Masafumi Oyamada for converting PDFs to PNG images. Versions of pdf-image 2.0.0 and earlier contain security vulnerabilities. These vulnerabilities stem from the fact that the pdfFilePath parameter is not verified, which may lead to OS command injection...
CVE-2026-29112 @dicebear/converter vulnerable to ncontrolled memory allocation via crafted SVG dimensions
DiceBear is an avatar library for designers and developers. Prior to version 9.4.0, the ensureSize function in @dicebear/converter read the width and height attributes from the input SVG to determine the output canvas size for rasterization PNG, JPEG, WebP, AVIF. An attacker who can supply a...
Heap-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the dopnm2png function. An attacker can achieve code execution, data corruption, or application crash by providing specially crafted width or height arguments that trigger a heap-based buffer overflow duri...
CVE-2020-37012
Tea LaTex 1.0 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary shell commands through the /api.php endpoint. Attackers can craft a malicious LaTeX payload with shell commands that are executed when processed by the application's tex2png API...
CVE-2020-37012 Tea LaTex 1.0 - Remote Code Execution
Tea LaTex 1.0 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary shell commands through the /api.php endpoint. Attackers can craft a malicious LaTeX payload with shell commands that are executed when processed by the application's tex2png API...
PT-2026-5287
Tea LaTex 1.0 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary shell commands through the /api.php endpoint. Attackers can craft a malicious LaTeX payload with shell commands that are executed when processed by the application's tex2png API...
CVE-2024-39918
@jmondi/url-to-png is an open source URL to PNG utility featuring parallel rendering using Playwright for screenshots and with storage caching via Local, S3, or CouchDB. Input of the ImageId in the code is not sanitized and may lead to path traversal. This allows an attacker to store an image in ...
EUVD-2024-2232
Malicious code in bioql PyPI...
EUVD-2024-2427
Malicious code in bioql PyPI...
CVE-2024-39919
@jmondi/url-to-png is an open source URL to PNG utility featuring parallel rendering using Playwright for screenshots and with storage caching via Local, S3, or CouchDB. The package includes an ALLOWLIST where the host can specify which services the user is permitted to capture screenshots of. By...
CVE-2024-37169
@jmondi/url-to-png is a self-hosted URL to PNG utility. Versions prior to 2.0.3 are vulnerable to arbitrary file read if a threat actor uses the Playright's screenshot feature to exploit the file wrapper. Version 2.0.3 mitigates this issue by requiring input URLs to be of protocol http or https. ...
Khan Academy: XSS on using the legacy "Graphie To Png" API
The legacy "Graphie To Png" API was vulnerable to exploitation. An attacker could upload malicious graphies that included harmful SVG and JSON data. The SVG contained an onload attribute that executed arbitrary JavaScript. The JSON data modified the content of labels, causing the graphie renderer...
Information Disclosure
@jmondi/url-to-png is vulnerable to Information Disclosure. The vulnerability is caused due to a lack of a blocklist mechanism to restrict which URLs can be captured as screenshots. This allows an attacker to potentially capture screenshots of sensitive information from local web services...
CVE-2024-39918
@jmondi/url-to-png is an open source URL to PNG utility featuring parallel rendering using Playwright for screenshots and with storage caching via Local, S3, or CouchDB. Input of the ImageId in the code is not sanitized and may lead to path traversal. This allows an attacker to store an image in ...
CVE-2024-39919
@jmondi/url-to-png is an open source URL to PNG utility featuring parallel rendering using Playwright for screenshots and with storage caching via Local, S3, or CouchDB. The package includes an ALLOWLIST where the host can specify which services the user is permitted to capture screenshots of. By...
CVE-2024-39919 Capture screenshot of localhost web services (unauthenticated pages) in @jmondi/url-to-png
@jmondi/url-to-png is an open source URL to PNG utility featuring parallel rendering using Playwright for screenshots and with storage caching via Local, S3, or CouchDB. The package includes an ALLOWLIST where the host can specify which services the user is permitted to capture screenshots of. By...
CVE-2024-39919 Capture screenshot of localhost web services (unauthenticated pages) in @jmondi/url-to-png
@jmondi/url-to-png is an open source URL to PNG utility featuring parallel rendering using Playwright for screenshots and with storage caching via Local, S3, or CouchDB. The package includes an ALLOWLIST where the host can specify which services the user is permitted to capture screenshots of. By...
CVE-2024-39919 Capture screenshot of localhost web services (unauthenticated pages) in @jmondi/url-to-png
@jmondi/url-to-png is an open source URL to PNG utility featuring parallel rendering using Playwright for screenshots and with storage caching via Local, S3, or CouchDB. The package includes an ALLOWLIST where the host can specify which services the user is permitted to capture screenshots of. By...
CVE-2024-39919
CVE-2024-39919 affects the @jmondi/url-to-png package. The issue stems from an ALLOW_LIST that by default permits screenshots of localhost/internal services, enabling a user to capture internal web services when the package runs on a server. This could disclose internal screens or services. The v...
CVE-2024-39918 Path Traveral in @jmondi/url-to-png
@jmondi/url-to-png is an open source URL to PNG utility featuring parallel rendering using Playwright for screenshots and with storage caching via Local, S3, or CouchDB. Input of the ImageId in the code is not sanitized and may lead to path traversal. This allows an attacker to store an image in ...