markdown-pdf@8.1.1 vulnerabilities

Markdown to PDF converter

Direct Vulnerabilities

Known vulnerabilities in the markdown-pdf package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • M
Arbitrary File Read

markdown-pdf is a Markdown to PDF converter.

Affected versions of this package are vulnerable to Arbitrary File Read due to improper validation of the Markdown content entered by the user.

How to fix Arbitrary File Read?

There is no fixed version for markdown-pdf.

*
  • M
Directory Traversal

markdown-pdf is a Node module that converts Markdown files to PDFs.

Affected versions of this package are vulnerable to Directory Traversal attacks. An attacker could insert a malicious html code that can result in reading the local files.

How to fix Directory Traversal?

Upgrade markdown-pdf to version 9.0.0 or higher.

<9.0.0
  • M
Directory Traversal

markdown-pdf is a Node module that converts Markdown files to PDFs.

Affected versions of this package are vulnerable to Directory Traversal attacks. An attacker could insert a malicious html code that can result in reading the local files.

How to fix Directory Traversal?

Upgrade markdown-pdf to version 9.0.0 or higher.

<9.0.0