CVE-2024-37169 | Mend Vulnerability Database

Vulnerability DatabaseCVE-2024-37169

CVE-2024-37169

June 10, 2024

@jmondi/url-to-png is a self-hosted URL to PNG utility. Versions prior to 2.0.3 are vulnerable to arbitrary file read if a threat actor uses the Playright's screenshot feature to exploit the file wrapper. Version 2.0.3 mitigates this issue by requiring input URLs to be of protocol "http" or "https". No known workarounds are available aside from upgrading.

Related Resources (7)

https://nvd.nist.gov/vuln/detail/CVE-2024-37169

https://github.com/jasonraimondi/url-to-png/commit/9336020c5e603323f5cf4a2ac3bb9a7735cf61f7

https://github.com/jasonraimondi/url-to-png/security/advisories/GHSA-665w-mwrr-77q3

https://github.com/jasonraimondi/url-to-png/issues/47

https://github.com/user-attachments/files/15536336/Arbitrary.File.Read.via.Playwright.s.Screenshot.Feature.Exploiting.File.Wrapper.pdf

https://github.com/jasonraimondi/url-to-png

https://github.com/jasonraimondi/url-to-png/releases/tag/v2.0.3

Do you need more information?

CVSS v4

Base Score:

6.9

Attack Vector

NETWORK

Attack Complexity

LOW

Attack Requirements

NONE

Privileges Required

NONE

User Interaction

NONE

Vulnerable System Confidentiality

LOW

Vulnerable System Integrity

NONE

Vulnerable System Availability

NONE

Subsequent System Confidentiality

NONE

Subsequent System Integrity

NONE

Subsequent System Availability

NONE

CVSS v3

Base Score:

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

LOW

Integrity

NONE

Availability

NONE

Weakness Type (CWE)

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CWE-22

EPSS

Base Score:

0.48

Products

Solutions

Resources

Company

Compare

Developer Tools