wkhtmltopdf-binary-edge is a package which includes wkthmltopdf binaries for macOS (>= 10.7) and Ubuntu 16 (64bit)
Affected versions of this package are vulnerable to Command Injection.
It is possible to passe an untrusted string to the
bin/wkhtmltopdf command through the package. This could result in execution or arbitrary commands, or insertion of arbitrary wkhtmltopdf options to change execution flow.
wkhtmltopdf-binary-edge to version 0.12.5.1 or higher.
- Akinori MUSHA
- Snyk ID
- 28 Oct, 2019
- 30 Oct, 2019