CNNVD-202601-3479 Information

CNNVD ID

CNNVD-202601-3479

Related CVE

CVE-2025-56590

• CNNVD Published: 2026-01-22

Description (Chinese)

Apryse HTML2PDF SDK是美国Apryse公司的一个文件格式转换组件。 Apryse HTML2PDF SDK 11.10及之前版本存在安全漏洞，该漏洞源于InsertFromURL函数存在漏洞，可能导致在本地服务器上执行任意操作系统命令。

Description (English)

Apryse HTML2PDF SDK is a file format conversion component of Apryse, United States. Apryse HTML2PDF SDK 11.10 and previous versions contain a security loophole, which stems from a gap in the InsertFromURL function, which may lead to the implementation of an arbitrary operating system command on a local server.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

Apryse

Published

2026-01-22

Last Modified

2026-02-24

References

http://apryse.com https://www.stratascale.com/resource/apryse-server-argument-injection-rce/ https://access.redhat.com/security/cve/cve-2025-56590