Filtered by vendor Markdown-pdf Project Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-0835 1 Markdown-pdf Project 1 Markdown-pdf 2024-11-21 8.2 High
markdown-pdf version 11.0.0 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not validate the Markdown content entered by the user.
CVE-2018-3770 1 Markdown-pdf Project 1 Markdown-pdf 2024-11-21 5.5 Medium
A path traversal exists in markdown-pdf version <9.0.0 that allows a user to insert a malicious html code that can result in reading the local files.