puppeteer-renderer v.3.2.0 and before is vulnerable to Directory Traversal. Attackers can exploit the URL parameter using the file protocol to read sensitive information from the server.
View the template here CVE-2024-36527.yaml
References:
https://nvd.nist.gov/vuln/detail/CVE-2024-36527