CVE-2024-36527 Information

Description

puppeteer-renderer v.3.2.0 and before is vulnerable to Directory Traversal. Attackers can exploit the URL parameter using the file protocol to read sensitive information from the server.

Reference

https://gist.github.com/7a6163/25fef08f75eed219c8ca21e332d6e911