View at Official debian advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2022-35583 unimportant priority: Debian including 1 source packages (wkhtmltopdf), 2 status rows across 2 suites (bookworm, bullseye): open 2.
wkhtmlTOpdf 0.12.6 is vulnerable to SSRF which allows an attacker to get initial access into the target's system by injecting iframe tag with initial asset IP address on it's source. This allows the attacker to takeover the whole infrastructure by accessing their internal assets.