npm package
electron-pdf
pkg:npm/electron-pdf
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-1648 | — | <= 20.0.0 | — | Feb 20, 2024 | electron-pdf version 20.0.0 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not validate the HTML content entered by the user. |
- CVE-2024-1648Feb 20, 2024affected <= 20.0.0
electron-pdf version 20.0.0 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not validate the HTML content entered by the user.