debian · CVE-2022-35583

Quick triage

Priority: unimportant Published: Updated: Mon, 06 Jul 2026 13:50:35 GMT

View at Official debian advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2022-35583 unimportant priority: Debian including 1 source packages (wkhtmltopdf), 2 status rows across 2 suites (bookworm, bullseye): open 2.

Description:

wkhtmlTOpdf 0.12.6 is vulnerable to SSRF which allows an attacker to get initial access into the target's system by injecting iframe tag with initial asset IP address on it's source. This allows the attacker to takeover the whole infrastructure by accessing their internal assets.

cvelogic Threat Intelligence