PKSA-p9k4-v53c-c7zd Security Advisory
-
[HIGH] php-weasyprint: shell command injection via configurable WeasyPrint binary path due to inverted is_executable() guard (mirror of KnpLabs/snappy GHSA-vpr4-p6fq-85jc)
PKSA-p9k4-v53c-c7zd CVE-2026-49260 GHSA-f5gc-qxf8-mh9g
Affected package: pontedilana/php-weasyprint
Affected version: <=2.5.0
Reported by:
GitHub