office-converter@1.0.1 vulnerabilities

A Conversion utility library for Office Files into PDF/HTML using https://github.com/dagwieers/unoconv

latest version

1.0.2
first published

8 years ago
latest version published

8 years ago
licenses detected
- MIT
  >=0
View office-converter package health on Snyk Advisor Open this link in a new tab

Known vulnerabilities in the office-converter package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
H Remote Code Execution (RCE) office-converter is a node module to convert office documents into either PDF or HTML. Affected versions of this package are vulnerable to Remote Code Execution (RCE). Due to insufficient input validation an attacker could run arbitrary commands on the server. How to fix Remote Code Execution (RCE)? There is no fixed version for `office-converter`.	*