Versions of the package spatie/browsershot before 5.0.2 are vulnerable to Directory Traversal due to URI normalisation in the browser where the file:// check can be bypassed with file:\\. An attacker could read any file on the server by exploiting the normalization of \ into /.
History

Wed, 18 Dec 2024 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 18 Dec 2024 06:15:00 +0000

Type Values Removed Values Added
Description Versions of the package spatie/browsershot before 5.0.2 are vulnerable to Directory Traversal due to URI normalisation in the browser where the file:// check can be bypassed with file:\\. An attacker could read any file on the server by exploiting the normalization of \ into /.
Weaknesses CWE-22
References
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P'}

cvssV4_0

{'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P'}


cve-icon MITRE

Status: PUBLISHED

Assigner: snyk

Published: 2024-12-18T06:06:04.591Z

Updated: 2024-12-18T14:44:23.335Z

Reserved: 2023-12-22T12:33:20.128Z

Link: CVE-2024-21547

cve-icon Vulnrichment

Updated: 2024-12-18T14:44:18.928Z

cve-icon NVD

Status : Received

Published: 2024-12-18T06:15:23.187

Modified: 2024-12-18T06:15:23.187

Link: CVE-2024-21547

cve-icon Redhat

No data.