3 matches found
jsPDF 安全漏洞
jsPDF is a JavaScript-based PDF document generation library developed by Parallax. Versions of jsPDF prior to 4.1.0 contained a security vulnerability. This vulnerability stemmed from the first parameter of the addImage method, which allowed users to provide harmful BMP files, potentially leading...
jsPDF Denial of Service (DoS)
Impact User control of the first argument of the addImage method results in CPU utilization and denial of service. If given the possibility to pass unsanitized image data or URLs to the addImage method, a user can provide a harmful PNG file that results in high CPU utilization and denial of...
Regular Expression Denial of Service (ReDoS)
Overview jspdf is a PDF Document creation from JavaScript Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS. ReDoS is possible via the addImage function. Details Denial of Service DoS describes a family of attacks, all aimed at making a system...