md-to-pdf@2.3.1 vulnerabilities
CLI tool for converting Markdown files to PDF.
-
latest version
5.2.4
-
latest non vulnerable version
-
first published
8 years ago
-
latest version published
a year ago
-
licenses detected
- >=2.1.4 <3.0.0-pre.0
Direct Vulnerabilities
Known vulnerabilities in the md-to-pdf package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
md-to-pdf is a CLI tool for converting Markdown files to PDF. Affected versions of this package are vulnerable to Remote Code Execution (RCE) due to utilizing the library gray-matter to parse front matter content, without disabling the JS engine. How to fix Remote Code Execution (RCE)? Upgrade |
<5.0.0
|