Command Injection Affecting wkhtmltopdf-binary-edge Open this link in a new tab package, versions <0.12.5.1


0.0
high
  • Attack Complexity

    Low

  • Confidentiality

    High

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • snyk-id

    SNYK-RUBY-WKHTMLTOPDFBINARYEDGE-474621

  • published

    30 Oct 2019

  • disclosed

    28 Oct 2019

  • credit

    Akinori MUSHA

Introduced: 28 Oct 2019

CWE-78 Open this link in a new tab

How to fix?

Upgrade wkhtmltopdf-binary-edge to version 0.12.5.1 or higher.

Overview

wkhtmltopdf-binary-edge is a package which includes wkthmltopdf binaries for macOS (>= 10.7) and Ubuntu 16 (64bit)

Affected versions of this package are vulnerable to Command Injection. None

References