CVE-2021-45394

Published: Jan 18, 2022Modified: Nov 21, 2024

8.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

An issue was discovered in Spipu HTML2PDF before 5.2.4. Attackers can trigger deserialization of arbitrary data via the injection of a malicious <link> tag in the converted HTML document.

Affected (1)

Products: Html2pdf Project: Html2pdf

Html2pdf Project

1 product

Html2pdf

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Html2pdf Project Html2pdf	Before 5.2.4

Related CWEs

CWE-502

Deserialization of Untrusted Data

The product deserializes untrusted data without sufficiently verifying that the resulting data will be valid.

CWE-918

Server-Side Request Forgery (SSRF)

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

References (6)

https://github.com/spipu/html2pdf

Source: cve@mitre.org

ProductThird Party Advisory

https://github.com/spipu/html2pdf/blob/master/CHANGELOG.md

Source: cve@mitre.org

Release NotesThird Party Advisory

https://www.synacktiv.com/sites/default/files/2022-01/html2pdf_ssrf_deserialization.pdf

Source: cve@mitre.org

ExploitThird Party Advisory

https://github.com/spipu/html2pdf

Source: af854a3a-2127-422b-91ae-364da2661108

ProductThird Party Advisory

https://github.com/spipu/html2pdf/blob/master/CHANGELOG.md

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesThird Party Advisory

https://www.synacktiv.com/sites/default/files/2022-01/html2pdf_ssrf_deserialization.pdf

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.