WeasyPrint helps web developers to create PDF documents. Since version 61.0, there's a vulnerability which allows attaching content of arbitrary files and URLs to a generated PDF document, even if `url_fetcher` is configured to prevent access to files and URLs. This vulnerability has been patched in version 61.2.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2024-03-09T00:50:32.115Z
Updated: 2024-08-02T00:48:49.410Z
Reserved: 2024-03-06T17:35:00.857Z
Link: CVE-2024-28184
Vulnrichment
Updated: 2024-08-02T00:48:49.410Z
NVD
Status : Awaiting Analysis
Published: 2024-03-09T01:15:07.573
Modified: 2024-11-21T09:05:58.833
Link: CVE-2024-28184
Redhat
No data.