Versions of puppeteer
prior to 1.13.0 are vulnerable to the Use-After-Free vulnerability in Chromium (CVE-2019-5786). The Chromium FileReader API is vulnerable to Use-After-Free which may lead to Remote Code Execution.
Upgrade to version 1.13.0 or later.
{ "nvd_published_at": "2019-06-27T17:15:13Z", "cwe_ids": [ "CWE-416" ], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2020-08-31T18:37:09Z" }