Every CVE whose affected-product data names Spatie Browsershot, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2022-41706 — CVSS 8.2 (high): Browsershot version 3.57.2 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application…
CVE-2022-43983 — CVSS 8.2 (high): Browsershot version 3.57.2 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application…
CVE-2022-43984 — CVSS 8.2 (high): Browsershot version 3.57.3 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application…
CVE-2020-7790 — CVSS 5.3 (medium): This affects the package spatie/browsershot from 0.0.0. By specifying a URL in the file:// protocol an attacker is able to include…