npm/@jmondi/url-to-png — 3 CVEs

MEDIUM5.3CVE-2024-39918@jmondi/url-to-png contains a Path Traversal vulnerability

from 0, < 2.1.2

MEDIUM5.3CVE-2024-37169Arbitrary file read via Playwright's screenshot feature exploiting file wrapper

from 0, < 2.0.3

LOW3.7CVE-2024-39919@jmondi/url-to-png enables capture screenshot of localhost web services (unauthenticated pages)

from 0, < 2.1.2

pkg:npm/@jmondi/url-to-png