CVE-2020-7790

Summary

This affects the package spatie/browsershot from 0.0.0. By specifying a URL in the file:// protocol an attacker is able to include arbitrary files in the resultant PDF.

Affected Software

VendorProductVersion RangeStatus
n/aspatie/browsershot0.0.0 < unspecifiedaffected

Weaknesses

  • Arbitrary File Read

ADP Enrichment

CVE Program Container

Additional References

References