While working in note-gen project, I identified this vulnerability during a review of how external resources were loaded into PDFs. While testing user-supplied inputs for PDF generation, I noticed that the loadFile method accepts file paths directly without sufficient validation.
CVE Link
CVE Report
While working in note-gen project, I identified this vulnerability during a review of how external resources were loaded into PDFs. While testing user-supplied inputs for PDF generation, I noticed that the loadFile method accepts file paths directly without sufficient validation.
CVE Link
CVE Report