ReportizFlow
Filtered by vendor Parall
Subscriptions
Filtered by product Jspdf
Subscriptions
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-57810 | 1 Parall | 1 Jspdf | 2025-08-29 | 5.3 Medium |
| jsPDF is a library to generate PDFs in JavaScript. Prior to 3.0.2, user control of the first argument of the addImage method results in CPU utilization and denial of service. If given the possibility to pass unsanitized image data or URLs to the addImage method, a user can provide a harmful PNG file that results in high CPU utilization and denial of service. The vulnerability was fixed in jsPDF 3.0.2. | ||||
| CVE-2021-23353 | 1 Parall | 1 Jspdf | 2024-11-21 | 5.9 Medium |
| This affects the package jspdf before 2.3.1. ReDoS is possible via the addImage function. | ||||
| CVE-2020-7691 | 1 Parall | 1 Jspdf | 2024-11-21 | 6.3 Medium |
| In all versions of the package jspdf, it is possible to use <<script>script> in order to go over the filtering regex. | ||||
| CVE-2020-7690 | 1 Parall | 1 Jspdf | 2024-11-21 | 6.1 Medium |
| All affected versions <2.0.0 of package jspdf are vulnerable to Cross-site Scripting (XSS). It is possible to inject JavaScript code via the html method. | ||||
Page 1 of 1.