RSS   Vulnerabilities for 'Markdown to pdf'   RSS

2021-12-10
 
CVE-2021-23639

NVD-CWE-noinfo
 

 
The package md-to-pdf before 5.0.0 are vulnerable to Remote Code Execution (RCE) due to utilizing the library gray-matter to parse front matter content, without disabling the JS engine.

 


Copyright 2024, cxsecurity.com

 

Back to Top