Lucene search
K

4 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/26 11:56 a.m.15 views

Malicious code in pdf-lib-enhanced (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a4da0334724e86909030ba354dab57e4c522c139a925d3ec06559541179c562e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/26 11:56 a.m.12 views

MAL-2026-4799 Malicious code in pdf-lib-enhanced (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a4da0334724e86909030ba354dab57e4c522c139a925d3ec06559541179c562e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
Snyk
Snyk
added 2026/05/26 11:56 a.m.11 views

Malicious Package

Overview pdf-lib-enhanced is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/03/20 8:44 p.m.10 views

Improper Handling of Highly Compressed Data (Data Amplification)

Overview @pdfme/pdf-lib is a Create and modify PDF files with JavaScript Affected versions of this package are vulnerable to Improper Handling of Highly Compressed Data Data Amplification through the ensureBuffer function in the stream decoding. An attacker can exhaust system memory and cause...

7.1CVSS5.8AI score
Exploits0References2
Rows per page
Query Builder