CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-7790

This affects the package spatie/browsershot from 0.0.0. By specifying a URL in the file:// protocol an attacker is able to include arbitrary files in the resultant PDF.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 49.6%

CVSS Severity

CVSS v3 Score 5.3

CVSS v2 Score 5.0

References

https://github.com/spatie/browsershot/issues/441%23issue-735049731
https://snyk.io/vuln/SNYK-PHP-SPATIEBROWSERSHOT-1037064
https://github.com/spatie/browsershot/issues/441%23issue-735049731
https://snyk.io/vuln/SNYK-PHP-SPATIEBROWSERSHOT-1037064

Products affected by CVE-2020-7790

Spatie » Browsershot » Version: N/A

cpe:2.3:a:spatie:browsershot:-
Spatie » Browsershot » Version: 3.57.2

cpe:2.3:a:spatie:browsershot:3.57.2
Spatie » Browsershot » Version: 3.57.3

cpe:2.3:a:spatie:browsershot:3.57.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-7790

Products

Pricing

Contact Us