spatie/browsershot Security Advisories for 1.6.0 (10)
-
[HIGH] Browsershot Server-Side Request Forgery (SSRF) via setURL() Function
PKSA-j9hz-k29x-6s58 CVE-2025-3192 GHSA-qw64-6vcc-8ghx
Affected version: <=5.0.3
Reported by:
GitHub -
[HIGH] Browsershot Path Traversal
PKSA-kq82-8x3t-s3fs CVE-2025-1022 GHSA-j2gw-r24m-j2qw
Affected version: <5.0.5
Reported by:
GitHub -
[MEDIUM] Browsershot Local File Inclusion
PKSA-8m7x-943y-brpz CVE-2025-1026 GHSA-f2q5-6mx7-q9qq
Affected version: <5.0.5
Reported by:
GitHub -
[MEDIUM] Browsershot Improper Input Validation vulnerability
PKSA-318x-z311-x7rh CVE-2024-21549 GHSA-c9f5-29f6-c35w
Affected version: <5.0.3
Reported by:
GitHub -
[HIGH] Spatie Browsershot Directory Traversal vulnerability
PKSA-y3ty-b1bg-gxtm CVE-2024-21547 GHSA-v528-6rq9-h6gw
Affected version: <5.0.2
Reported by:
GitHub -
[MEDIUM] Browsershot Local File Inclusion
PKSA-5jt2-w99c-cs4s CVE-2024-21544 GHSA-g2r4-phv7-5fgv
Affected version: <5.0.1
Reported by:
GitHub -
[HIGH] Browsershot does not validate URL protocols passed to Browsershot URL method
PKSA-5g36-f9tk-skrf CVE-2022-41706 GHSA-8c2c-jxwj-jqgf
Affected version: <3.57.3
Reported by:
GitHub -
[MEDIUM] Browsershot vulnerable to Cross-Site Scripting (XSS)
PKSA-d7vr-vsdt-jbdy CVE-2022-43983 GHSA-82h9-v8vh-mfpq
Affected version: <3.57.3
Reported by:
GitHub -
[MEDIUM] Browsershot version 3.57.3 vulnerable to improper input validation
PKSA-bbg8-8937-v2dz CVE-2022-43984 GHSA-6q49-35h6-rq2p
Affected version: <3.57.4
Reported by:
GitHub -
[MEDIUM] browsershot local file inclusion vulnerability
PKSA-knj7-j31t-63hn CVE-2020-7790 GHSA-rv74-mh27-4jpv
Affected version: <3.40.1
Reported by:
GitHub