3 matches found
CVE-2026-24133
creationtimestamp| type| source ---|---|--- 2026-02-09 01:02:45+00:00| seen| https://bsky.app/profile/securitylab-jp.bsky.social/post/3mefat4pq3c2m...
CVE-2026-24133
jsPDF is a library to generate PDFs in JavaScript. Prior to 4.1.0, user control of the first argument of the addImage method results in denial of service. If given the possibility to pass unsanitized image data or URLs to the addImage method, a user can provide a harmful BMP file that results in...
CVE-2026-24133
The CVE-2026-24133 issue affects jsPDF (prior to 4.1.0) where user control of the first addImage argument allows denial of service when processing unvalidated BMP data or URLs, including via the html method. Harmful BMP headers with large width/height trigger excessive memory allocations, leading...