Homepage

markdown-pdf@3.0.0 vulnerabilities

Markdown to PDF converter

  • latest version

    11.0.0

  • first published

    12 years ago

  • latest version published

    3 years ago

  • licenses detected

  • View markdown-pdf package health on Snyk Advisor  (opens in a new tab)
    • Go back to all versions of this package
    Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the markdown-pdf package. This does not include vulnerabilities belonging to this package’s dependencies.

    Fix vulnerabilities automatically

    Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

    Fix for free
    VulnerabilityVulnerable Version
    • M
    Arbitrary File Read

    markdown-pdf is a Markdown to PDF converter.

    Affected versions of this package are vulnerable to Arbitrary File Read due to improper validation of the Markdown content entered by the user.

    How to fix Arbitrary File Read?

    There is no fixed version for markdown-pdf.

    *
    • M
    Directory Traversal

    markdown-pdf is a Node module that converts Markdown files to PDFs.

    Affected versions of this package are vulnerable to Directory Traversal attacks. An attacker could insert a malicious html code that can result in reading the local files.

    How to fix Directory Traversal?

    Upgrade markdown-pdf to version 9.0.0 or higher.

    <9.0.0
    Go back to all versions of this package