5 matches found
DEBIAN-CVE-2024-28184
WeasyPrint helps web developers to create PDF documents. Since version 61.0, there's a vulnerability which allows attaching content of arbitrary files and URLs to a generated PDF document, even if urlfetcher is configured to prevent access to files and URLs. This vulnerability has been patched in...
Design/Logic Flaw
WeasyPrint helps web developers to create PDF documents. Since version 61.0, there's a vulnerability which allows attaching content of arbitrary files and URLs to a generated PDF document, even if urlfetcher is configured to prevent access to files and URLs. This vulnerability has been patched in...
CVE-2024-28184 WeasyPrint allows the attachment of arbitrary files and URLs to a PDF
WeasyPrint helps web developers to create PDF documents. Since version 61.0, there's a vulnerability which allows attaching content of arbitrary files and URLs to a generated PDF document, even if urlfetcher is configured to prevent access to files and URLs. This vulnerability has been patched in...
CVE-2024-28184
CVE-2024-28184 — WeasyPrint is affected in versions up to 61.1, where the PDF generation may attach content from arbitrary files and URLs to the output document, even when url_fetcher is configured to block access. The issue’s root cause is in the PDF rendering logic that allows unintended inclus...
CVE-2024-28184 WeasyPrint allows the attachment of arbitrary files and URLs to a PDF
WeasyPrint helps web developers to create PDF documents. Since version 61.0, there's a vulnerability which allows attaching content of arbitrary files and URLs to a generated PDF document, even if urlfetcher is configured to prevent access to files and URLs. This vulnerability has been patched in...