Every CVE whose affected-product data names Wkhtmltopdf, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2022-35583 — CVSS 9.8 (critical): wkhtmlTOpdf 0.12.6 is vulnerable to SSRF which allows an attacker to get initial access into the target's system by injecting iframe tag…
CVE-2020-21365 — CVSS 7.5 (high): Directory traversal vulnerability in wkhtmltopdf through 0.12.5 allows remote attackers to read local files and disclose sensitive…