RSS   Vulnerabilities for 'Pdf-image'   RSS

2020-02-28
 
CVE-2020-8132

CWE-20
 

 
Lack of input validation in pdf-image npm package version <= 2.0.0 may allow an attacker to run arbitrary code if PDF file path is constructed based on untrusted user input.

 
2018-06-01
 
CVE-2018-3757

CWE-78
 

 
Command injection exists in pdf-image v2.0.0 due to an unescaped string parameter.

 


Copyright 2024, cxsecurity.com

 

Back to Top