4 matches found

CVE
added 2026/03/18 3:5 a.m., 15 views

CVE-2026-31938

jsPDF prior to 4.2.1 is vulnerable: unsanitized user input passed to the output method’s options can inject HTML/scripts into the browser context when a PDF is opened. The issue is triggered when an attacker provides values via a web interface, which are forwarded to the victim’s browser and proc...

CVSS 9.6, AI score 5.8, EPSS 0.00244
Exploits: 0, References: 3, Affected Software: 1
GithubExploit
added 2026/03/02 2:32 a.m., 172 views

Exploit for Improper Encoding or Escaping of Output in Parall Jspdf

CVE-2026-25940 jsPDF PoC A proof-of-concept for CVE-2026-2594...

CVSS 8.1, AI score 5.9, EPSS 0.00343
Exploits: 1
Snyk
added 2025/03/18 9:7 p.m., 1 views

Regular Expression Denial of Service (ReDoS)

Overview: org.webjars.bowergithub.parallax:jspdf is a PDF Document creation from JavaScript. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) in the addImage, html, and addSvgAsImage methods. An attacker can occupy excessive CPU by supplying a malicious...

CVSS 8.7, AI score 6.7, EPSS 0.00646
Exploits: 1, References: 2
Snyk
added 2021/02/12 3:21 p.m., 3 views

Regular Expression Denial of Service (ReDoS)

Overview: jspdf is a PDF Document creation from JavaScript. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS). ReDoS is possible via the addImage function. Details: Denial of Service (DoS) describes a family of attacks, all aimed at making a system...

CVSS 7.5, AI score 6.7, EPSS 0.02644
Exploits: 0, References: 2