ROOT-APP-NPM-CVE-2024-34342 CVE-2024-34342 in @rootio/react-pdf - Patched by Root

Root has patched CVE-2024-34342 in the @rootio/react-pdf package for Root:npm. Multiple fixed versions available...

Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in react-pdf-5.0.0.tgz

Summary Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in react-pdf-5.0.0.tgz Vulnerability Details CVEID:CVE-2024-34342 DESCRIPTION: react-pdf displays PDFs in React apps. If PDF.js is used to load a malicious PDF, and PDF.js is configured with...

EUVD-2024-1513

Malicious code in bioql PyPI...

CVE-2024-34342

react-pdf displays PDFs in React apps. If PDF.js is used to load a malicious PDF, and PDF.js is configured with isEvalSupported set to true which is the default value, unrestricted attacker-controlled JavaScript will be executed in the context of the hosting domain. This vulnerability is fixed in...

Arbitrary JavaScript Execution

react-pdf is vulnerable to Arbitrary JavaScript Execution. This vulnerability is due to isEvalSupported set to true by default, allowing for the execution of arbitrary JavaScript code embedded within the PDF...

719component (>=1.1.1 <=1.1.6), @21st-night/analytics-web (>=0.65.0 <=0.79.0) +903 more potentially affected by CVE-2024-34342 via react-pdf (>=0.0.10 <=7.7.1)

react-pdf NPM version =0.0.10, =1.1.1, =0.65.0, =0.67.0, =0.53.0, =0.53.0, =0.53.0, =0.53.0, =0.34.0, =0.49.0, =0.53.0, =0.34.0, =0.53.0, =0.34.0, =0.53.0, =0.34.0, =0.48.8 and more Source cves: CVE-2024-34342 Source advisory: OSV:GHSA-87HQ-Q4GP-9WR4...

CVE-2024-34342

react-pdf displays PDFs in React apps. If PDF.js is used to load a malicious PDF, and PDF.js is configured with isEvalSupported set to true which is the default value, unrestricted attacker-controlled JavaScript will be executed in the context of the hosting domain. This vulnerability is fixed in...

CVE-2024-34342 react-pdf's PDF.js vulnerable to arbitrary JavaScript execution upon opening a malicious PDF

react-pdf displays PDFs in React apps. If PDF.js is used to load a malicious PDF, and PDF.js is configured with isEvalSupported set to true which is the default value, unrestricted attacker-controlled JavaScript will be executed in the context of the hosting domain. This vulnerability is fixed in...

CVE-2024-34342 react-pdf's PDF.js vulnerable to arbitrary JavaScript execution upon opening a malicious PDF

react-pdf displays PDFs in React apps. If PDF.js is used to load a malicious PDF, and PDF.js is configured with isEvalSupported set to true which is the default value, unrestricted attacker-controlled JavaScript will be executed in the context of the hosting domain. This vulnerability is fixed in...

PT-2024-25799

Name of the Vulnerable Software and Affected Versions react-pdf versions prior to 7.7.3 react-pdf versions prior to 8.0.2 Description The issue arises when PDF.js is used to load a malicious PDF, and PDF.js is configured with isEvalSupported set to true, which is the default value. This...

React-PDF 安全漏洞

React-PDF is an application by Wojciech Maj Personal Developer. A security vulnerability exists in react-pdf. An attacker exploiting this vulnerability could execute JavaScript code...

@activelylearn/react-pdf (=2.5.2), @aglet/components (>=1.3.3 <=2.0.1) +330 more potentially affected by CVE-2018-6341 via react-dom (=16.2.0)

react-dom NPM version =16.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on react-dom and may be impacted: - @activelylearn/react-pdf =2.5.2 - @aglet/components =1.3.3, =0.1.1-alpha.0, =1.0.5, =0.0.1, =0.0.1, =0.1.0, =1.0.0, =1.0.0, =0.1.0, =3.0.4,...

@accoio/react-pdf-highlighter (>=2.0.0 <=2.0.1), @activelylearn/react-pdf (>=2.5.0 <=2.5.2) +118 more potentially affected by CVE-2018-5158 via pdfjs-dist (>=2.0.104 <=2.0.550)

pdfjs-dist NPM version =2.0.104, =2.0.0, =2.5.0, =1.0.32, =1.2.0, =1.0.9, =15.0.0, =6.0.0, =39.0.0, =7.0.0, =110.0.0, =7.0.0, =6.0.0, =3.0.6, =8.0.0, =9.0.0, =9.11.13 and more Source cves: CVE-2018-5158 Source advisory: SNYK:JS-PDFJSDIST-469200...