182 matches found
Security Bulletin: IBM InfoSphere Optim Archive Viewer is affected by multiple vulnerabilities in jsPDF (CVE-2026-25535, CVE-2026-25755, CVE-2026-25940)
Summary: Multiple vulnerabilities in the jsPDF library used by IBM InfoSphere Optim Archive Viewer have been addressed by upgrading the library to version 4.2.1. Vulnerability Details: CVEID: CVE-2026-25535. DESCRIPTION: jsPDF is a library to generate PDFs in JavaScript. Prior to 4.2.0, user control ...
Security Bulletin: jsPDF addImage Method Vulnerable to DoS via Malicious Image Dimensions
Summary: jsPDF is a library to generate PDFs in JavaScript. Prior to 4.2.0, user control of the first argument of the addImage method results in denial of service. If given the possibility to pass unsanitized image data or URLs to the addImage method, a user can provide a harmful GIF file that...
CVE-2026-31898
A flaw was found in jsPDF, a JavaScript library used for generating PDF documents. This vulnerability allows a remote attacker to inject arbitrary PDF objects, including JavaScript actions, into a generated PDF. This can occur if unsanitized user input is provided to the createAnnotation method's...
CVE-2026-31938
A flaw was found in jsPDF, a JavaScript library for generating PDFs. A remote attacker can exploit this vulnerability by providing malicious input to the options argument of the output function. When a victim creates and opens a PDF using this unsanitized input, arbitrary HTML, including scripts,...
CVE-2026-31938
jsPDF is a library to generate PDFs in JavaScript. Prior to version 4.2.1, user control of the options argument of the output function allows attackers to inject arbitrary HTML such as scripts into the browser context the created PDF is opened in. The vulnerability can be exploited in the followi...
CVE-2026-31898
jsPDF is a library to generate PDFs in JavaScript. Prior to version 4.2.1, user control of arguments of the createAnnotation method allows users to inject arbitrary PDF objects, such as JavaScript actions. If given the possibility to pass unsanitized input to the following method, a user can inje...
CVE-2026-31938
jsPDF is a library to generate PDFs in JavaScript. Prior to version 4.2.1, user control of the options argument of the output function allows attackers to inject arbitrary HTML such as scripts into the browser context the created PDF is opened in. The vulnerability can be exploited in the followi...
CVE-2026-31938 jsPDF has HTML Injection in New Window paths
jsPDF is a library to generate PDFs in JavaScript. Prior to version 4.2.1, user control of the options argument of the output function allows attackers to inject arbitrary HTML such as scripts into the browser context the created PDF is opened in. The vulnerability can be exploited in the followi...
CVE-2026-31898
Summary (CVE-2026-31898): jsPDF prior to 4.2.1 is affected by a PDF Object Injection flaw in the color parameter of createAnnotation. When unsanitized user input is passed to this API, an attacker could inject arbitrary PDF objects, including JavaScript actions, which may execute when the PDF is o...
CVE-2026-31898
jsPDF is a library to generate PDFs in JavaScript. Prior to version 4.2.1, user control of arguments of the createAnnotation method allows users to inject arbitrary PDF objects, such as JavaScript actions. If given the possibility to pass unsanitized input to the following method, a user can inje...
CVE-2026-31898 jsPDF has a PDF Object Injection via FreeText color
jsPDF is a library to generate PDFs in JavaScript. Prior to version 4.2.1, user control of arguments of the createAnnotation method allows users to inject arbitrary PDF objects, such as JavaScript actions. If given the possibility to pass unsanitized input to the following method, a user can inje...
jsPDF Cross-Site Scripting Vulnerability
jsPDF is a JavaScript-based PDF document generation library developed by Parallax. Versions of jsPDF prior to 4.2.1 had a cross-site scripting vulnerability. This vulnerability stemmed from insufficient control over the options parameter of the output function, allowing attackers to inject...
Cross-site Scripting (XSS)
Overview: jspdf is a PDF Document creation from JavaScript. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) in jspdf.js, when user-controlled values are passed to the options argument, then included unsanitized in the generated HTML and opened by another user. An attack...
GHSA-WFV2-PWC8-CRG5 jsPDF has HTML Injection in New Window paths
Impact: User control of the options argument of the output function allows attackers to inject arbitrary HTML such as scripts into the browser context the created PDF is opened in. The affected overloads and options are: "pdfobjectnewwindow": the pdfObjectUrl option and the entire options object,...
@armco/armory-react-components (>=0.0.23 <=0.0.43), @armco/svg-canvas (>=0.1.2 <=0.1.3) +9 more potentially affected by CVE-2026-31938 via jspdf (>=4.0.0 <=4.2.0)
jspdf NPM version =4.0.0, =0.0.23, =0.1.2, =1.4.0, =0.111.0-7, =7.11.3, =0.111.0-7, =0.111.0-7, =4.4.0, =4.4.3 - svgedit =7.4.1 Source cves: CVE-2026-31938 Source advisory: SNYK:JS-JSPDF-15678195...
org.webjars.npm:dom-to-pdf (=0.3.2), org.webjars.npm:html2pdf.js (>=0.10.1 <=0.10.3) potentially affected by CVE-2026-31938 via org.webjars.npm:jspdf (>=2.5.2 <=3.0.3)
org.webjars.npm:jspdf MAVEN version =2.5.2, =0.10.1, =0.10.3 Source cves: CVE-2026-31938 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15678196...
@armco/armory-react-components (>=0.0.23 <=0.0.43), @armco/svg-canvas (>=0.1.2 <=0.1.3) +9 more potentially affected by CVE-2026-31898 via jspdf (>=4.0.0 <=4.2.0)
jspdf NPM version =4.0.0, =0.0.23, =0.1.2, =1.4.0, =0.111.0-7, =7.11.3, =0.111.0-7, =0.111.0-7, =4.4.0, =4.4.3 - svgedit =7.4.1 Source cves: CVE-2026-31898 Source advisory: SNYK:JS-JSPDF-15677842...
Improper Encoding or Escaping of Output
Overview: Affected versions of this package are vulnerable to Improper Encoding or Escaping of Output via the createAnnotation method, whose color parameter can be injected with script objects. An attacker can inject PDF objects as freetext annotations, which may be executed when a user opens the...
org.webjars.npm:dom-to-pdf (=0.3.2), org.webjars.npm:html2pdf.js (>=0.10.1 <=0.10.3) potentially affected by CVE-2026-31898 via org.webjars.npm:jspdf (>=2.5.2 <=3.0.3)
org.webjars.npm:jspdf MAVEN version =2.5.2, =0.10.1, =0.10.3 Source cves: CVE-2026-31898 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15677843...
Improper Encoding or Escaping of Output
Overview: jspdf is a PDF Document creation from JavaScript. Affected versions of this package are vulnerable to Improper Encoding or Escaping of Output via the createAnnotation method, whose color parameter can be injected with script objects. An attacker can inject PDF objects as freetext...