CVE-2020-7790
This affects the package spatie/browsershot from 0.0.0. By specifying a URL in the file:// protocol an attacker is able to include arbitrary files in the resultant PDF.
Date published : 2020-12-11
https://github.com/spatie/browsershot/issues/441%23issue-735049731