Html2pdf

2 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-56590 CRITICAL POC Act Now

Apryse HTML2PDF SDK through version 11.10 has a command injection vulnerability in the InsertFromURL function allowing remote code execution when converting HTML to PDF.

Command Injection RCE Html2pdf
NVD
CVSS 3.1
9.8
EPSS
0.0%
CVE-2025-56589 HIGH POC This Week

A Local File Inclusion (LFI) and a Server-Side Request Forgery (SSRF) vulnerability was found in the InsertFromHtmlString() function of the Apryse HTML2PDF SDK thru 11.6.0. [CVSS 7.5 HIGH]

SSRF Lfi Html2pdf
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-56590
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Apryse HTML2PDF SDK through version 11.10 has a command injection vulnerability in the InsertFromURL function allowing remote code execution when converting HTML to PDF.

Command Injection RCE Html2pdf
NVD
CVE-2025-56589
EPSS 0% CVSS 7.5
HIGH POC This Week

A Local File Inclusion (LFI) and a Server-Side Request Forgery (SSRF) vulnerability was found in the InsertFromHtmlString() function of the Apryse HTML2PDF SDK thru 11.6.0. [CVSS 7.5 HIGH]

SSRF Lfi Html2pdf
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy