CVE-2024-1647

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Feb 20, 2024
CWE ID 79

Summary

CVE-2024-1647 is a vulnerability affecting Pyhtml2pdf version 0.0.6. An attacker can exploit this issue by providing malicious HTML content to the application, which is not validated. This allows the adversary to gain unauthorized access to arbitrary local files on the target system. The consequence of this vulnerability is a potential data leak or unauthorized system access. Users are advised to update to the latest version of Pyhtml2pdf to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share