knplabs/knp-snappy Security Advisories for v1.4.3 (2)
-
[HIGH] Snappy: Binary path is never shell-escaped due to an inverted is_executable check
PKSA-13wp-m816-mvdd CVE-2026-46643 GHSA-vpr4-p6fq-85jc
Affected version: <=1.7.0
Reported by:
GitHub -
[MEDIUM] Snappy : SSRF and local file read via the xsl-style-sheet option
PKSA-p1pz-jv1j-6msg CVE-2026-46683 GHSA-c5fp-p67m-gq56
Affected version: <=1.6.0
Reported by:
GitHub