漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Snappy: SSRF and local file read via the xsl-style-sheet option
Vulnerability Description
Snappy is a PHP library allowing thumbnail, snapshot or PDF generation from a url or a html page. Prior to version 1.7.0, there is a SSRF and local file read vulnerability via the xsl-style-sheet option. This issue has been patched in version 1.7.0.
CVSS Information
N/A
Vulnerability Type
服务端请求伪造(SSRF)
Vulnerability Title
Snappy 代码问题漏洞
Vulnerability Description
Snappy是KNP Labs个人开发者的一个 PHP 库,允许从 url 或 html 页面生成缩略图、快照或 PDF。 Snappy 1.7.0之前版本存在代码问题漏洞,该漏洞源于xsl-style-sheet选项可能导致服务端请求伪造和本地文件读取。
CVSS Information
N/A
Vulnerability Type
N/A