CVE-2024-1647
CVSS 3.1 Score 7.5 of 10 (high)
Details
Published Feb 20, 2024
CWE ID 79
Summary
CVE-2024-1647 is a vulnerability affecting Pyhtml2pdf version 0.0.6. An attacker can exploit this issue by providing malicious HTML content to the application, which is not validated. This allows the adversary to gain unauthorized access to arbitrary local files on the target system. The consequence of this vulnerability is a potential data leak or unauthorized system access. Users are advised to update to the latest version of Pyhtml2pdf to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share