CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 2CVE-2023-41330 – Unsafe deserialization in knplabs/knp-snappy
https://notcve.org/view.php?id=CVE-2023-41330
06 Sep 2023 — knplabs/knp-snappy is a PHP library allowing thumbnail, snapshot or PDF generation from a url or a html page. ## Issue On March 17th the vulnerability CVE-2023-28115 was disclosed, allowing an attacker to gain remote code execution through PHAR deserialization. Version 1.4.2 added a check `if (\strpos($filename, 'phar://') === 0)` in the `prepareOutput` function to resolve this CVE, however if the user is able to control the second parameter of the `generateFromHtml()` function of Snappy, it will then be pa... • https://github.com/KnpLabs/snappy/commit/d3b742d61a68bf93866032c2c0a7f1486128b67e • CWE-502: Deserialization of Untrusted Data •
CVSS: 10.0EPSS: 17%CPEs: 1EXPL: 1CVE-2023-28115 – Snappy vulnerable to PHAR deserialization, allowing remote code execution
https://notcve.org/view.php?id=CVE-2023-28115
17 Mar 2023 — Snappy is a PHP library allowing thumbnail, snapshot or PDF generation from a url or a html page. Prior to version 1.4.2, Snappy is vulnerable to PHAR deserialization due to a lack of checking on the protocol before passing it into the `file_exists()` function. If an attacker can upload files of any type to the server he can pass in the phar:// protocol to unserialize the uploaded file and instantiate arbitrary PHP objects. This can lead to remote code execution especially when snappy is used with framework... • https://github.com/KnpLabs/snappy/blob/5126fb5b335ec929a226314d40cd8dad497c3d67/src/Knp/Snappy/AbstractGenerator.php#L670 • CWE-502: Deserialization of Untrusted Data •
CVSS: 8.1EPSS: 0%CPEs: 2EXPL: 0CVE-2018-7577
https://notcve.org/view.php?id=CVE-2018-7577
24 Apr 2019 — Memcpy parameter overlap in Google Snappy library 1.1.4, as used in Google TensorFlow before 1.7.1, could result in a crash or read from other parts of process memory. La superposición de parámetros de Memcpy en la libreria Google Snappy versión 1.1.4, tal y como se utilizaba en Google TensorFlow en las versiones anteriores a la 1.7.1, puede provocar un cierre inesperado o una lectura de otras partes de la memoria de proceso. • https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2018-005.md • CWE-20: Improper Input Validation •