Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:40131
HistoryApr 17, 2023 - 11:55 a.m.

Arbitrary File Read

2023-04-1711:55:46
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
arbitrary file read
markdown-pdf
validation
user input
attacker
local files
system

0.002 Low

EPSS

Percentile

56.4%

JSON

markdown-pdf is vulnerable to Arbitrary File Reads. The library does not properly validate the user input Markdown content, which allows an attacker to obtain arbitrary local files on the system.

CPENameOperatorVersion
markdown-pdfle11.0.0
markdown-pdfle11.0.0

Related

cvelist 1
github 1
osv 1
prion 1
cve 1
nvd 1
cvelist
cvelist
CVE-2023-0835
2023-04-04 00:00:00
github
github
markdown-pdf vulnerable to local file read via server side cross-site scripting (XSS)
2023-04-05 00:30:38
osv
osv
markdown-pdf vulnerable to local file read via server side cross-site scripting (XSS)
2023-04-05 00:30:38
prion
prion
Xxe
2023-04-04 23:15:00
cve
cve
CVE-2023-0835
2023-04-04 23:15:07
nvd
nvd
CVE-2023-0835
2023-04-04 23:15:07

0.002 Low

EPSS

Percentile

56.4%

JSON
Related for VERACODE:40131
cvelist1github1osv1prion1cve1nvd1