markdown-pdf is vulnerable to Arbitrary File Reads. The library does not properly validate the user input Markdown content, which allows an attacker to obtain arbitrary local files on the system.
CPE | Name | Operator | Version |
---|---|---|---|
markdown-pdf | le | 11.0.0 | |
markdown-pdf | le | 11.0.0 |