Lucene search
K

59 matches found

RedhatCVE
RedhatCVE
added 2025/10/08 5:19 a.m.2 views

CVE-2025-11362

Versions of the package pdfmake before 0.3.0-beta.17 are vulnerable to Allocation of Resources Without Limits or Throttling via repeatedly redirect URL in file embedding. An attacker can cause the application to crash or become unresponsive by providing crafted input that triggers this condition...

8.7CVSS6.9AI score0.00331EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2025/10/07 6:31 a.m.7 views

pdfmake is vulnerable to Throttling via repeatedly redirecting URL in file embedding

Versions of the package pdfmake from 0.3.0-beta.1 to before 0.3.0-beta.17 are vulnerable to Allocation of Resources Without Limits or Throttling via repeatedly redirect URL in file embedding. An attacker can cause the application to crash or become unresponsive by providing crafted input that...

8.7CVSS6.6AI score0.00331EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2025/10/07 6:31 a.m.3 views

GHSA-RJ3R-R7HH-JXFQ pdfmake is vulnerable to Throttling via repeatedly redirecting URL in file embedding

Versions of the package pdfmake from 0.3.0-beta.1 to before 0.3.0-beta.17 are vulnerable to Allocation of Resources Without Limits or Throttling via repeatedly redirect URL in file embedding. An attacker can cause the application to crash or become unresponsive by providing crafted input that...

8.7CVSS6.6AI score0.00331EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 6:31 a.m.4 views

EUVD-2025-32603

Versions of the package pdfmake before 0.3.0-beta.17 are vulnerable to Allocation of Resources Without Limits or Throttling via repeatedly redirect URL in file embedding. An attacker can cause the application to crash or become unresponsive by providing crafted input that triggers this condition...

8.7CVSS6.4AI score0.00331EPSS
Exploits0References3
NVD
NVD
added 2025/10/07 5:15 a.m.6 views

CVE-2025-11362

Versions of the package pdfmake before 0.3.0-beta.17 are vulnerable to Allocation of Resources Without Limits or Throttling via repeatedly redirect URL in file embedding. An attacker can cause the application to crash or become unresponsive by providing crafted input that triggers this condition...

8.7CVSS0.00331EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/07 5:0 a.m.10 views

CVE-2025-11362

Versions of the package pdfmake before 0.3.0-beta.17 are vulnerable to Allocation of Resources Without Limits or Throttling via repeatedly redirect URL in file embedding. An attacker can cause the application to crash or become unresponsive by providing crafted input that triggers this condition...

8.7CVSS0.00331EPSS
Exploits0References2
OSV
OSV
added 2025/10/07 5:0 a.m.3 views

CVE-2025-11362

Versions of the package pdfmake before 0.3.0-beta.17 are vulnerable to Allocation of Resources Without Limits or Throttling via repeatedly redirect URL in file embedding. An attacker can cause the application to crash or become unresponsive by providing crafted input that triggers this condition...

8.7CVSS6.9AI score0.00331EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/10/07 5:0 a.m.1 views

CVE-2025-11362

Versions of the package pdfmake before 0.3.0-beta.17 are vulnerable to Allocation of Resources Without Limits or Throttling via repeatedly redirect URL in file embedding. An attacker can cause the application to crash or become unresponsive by providing crafted input that triggers this condition...

8.7CVSS6.5AI score0.00331EPSS
Exploits0References2
CVE
CVE
added 2025/10/07 5:0 a.m.19 views

CVE-2025-11362

CVE-2025-11362 affects the pdfmake package prior to 0.3.0-beta.17, where an attacker can trigger repeated URL redirects in file embedding, potentially causing the application to crash or become unresponsive. The issue is categorized as Allocation of Resources Without Limits or Throttling and has ...

8.7CVSS6.5AI score0.00331EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/10/07 12:0 a.m.4 views

PT-2025-41215

Name of the Vulnerable Software and Affected Versions pdfmake affected versions not specified Liferay Portal affected versions not specified Description A cross-site scripting issue exists in Liferay Portal. A resource allocation issue without limits or throttling exists in pdfmake. Recommendatio...

5.9AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/10/07 12:0 a.m.4 views

PT-2025-40963

Name of the Vulnerable Software and Affected Versions pdfmake versions prior to 0.3.0-beta.17 Description The software is susceptible to a denial-of-service condition due to unrestricted resource allocation. This occurs when processing crafted input that repeatedly redirects URLs during file...

8.7CVSS6.6AI score0.00331EPSS
Exploits0References12
CNNVD
CNNVD
added 2025/10/07 12:0 a.m.5 views

pdfmake 安全漏洞

pdfmake is a pure JavaScript server-side and client-side PDF document generation library from the individual developer Bartek Pampuch. A security vulnerability exists in pdfmake versions prior to 0.3.0-beta.17, which stems from duplicate redirect URLs in file embedding leading to an unlimited...

8.7CVSS6.4AI score0.00331EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-48992

Malicious code in bioql PyPI...

10CVSS9AI score0.01585EPSS
Exploits1References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/29 6:55 p.m.2 views

Malicious code in node-pdfmake (npm)

The package node-pdfmake was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/29 6:55 p.m.2 views

MAL-2025-42041 Malicious code in node-pdfmake (npm)

The package node-pdfmake was found to contain malicious code...

7AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 7:30 a.m.6 views

CVE-2024-25180

An issue discovered in pdfmake 0.2.9 allows remote attackers to run arbitrary code via crafted POST request to the /pdf endpoint. NOTE: this is disputed because the behavior of the /pdf endpoint is intentional. The /pdf endpoint is only available after installing a test framework that lives outsi...

9.8CVSS7.5AI score0.01024EPSS
Exploits2References1
Snyk
Snyk
added 2025/04/29 4:42 p.m.2 views

Allocation of Resources Without Limits or Throttling

Overview org.webjars.npm:pdfmake is a Client/server side PDF printing in pure JavaScript Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via repeatedly redirect URL in file embedding. An attacker can cause the application to crash or become...

8.7CVSS6.7AI score0.00331EPSS
Exploits0References2
Snyk
Snyk
added 2025/04/29 4:42 p.m.2 views

Allocation of Resources Without Limits or Throttling

Overview pdfmake is a Client/server side PDF printing in pure JavaScript Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via repeatedly redirect URL in file embedding. An attacker can cause the application to crash or become unresponsive by...

8.7CVSS6.9AI score0.00331EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2025/03/29 10:11 a.m.358 views

Exploit for Code Injection in Pdfmake_Project Pdfmake

CVE-2024-25180 Overview pdfmake is a pure JavaScript clien...

9.8CVSS6.3AI score0.01024EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2025/02/05 8:57 p.m.22 views

CVE-2022-46161

pdfmake is an open source client/server side PDF printing in pure JavaScript. In versions up to and including 0.2.5 pdfmake contains an unsafe evaluation of user controlled input. Users of pdfmake are thus subject to arbitrary code execution in the context of the process running the pdfmake code...

10CVSS7.5AI score0.01585EPSS
Exploits1References1
Rows per page
Query Builder