CVE-2024-25180
pdfmake 0.2.9 is affected by CVE-2024-25180: a crafted POST request to the /pdf endpoint can allow remote code execution. The /pdf endpoint’s behavior is disputed and is reported as intentional; it is only exposed after installing a test framework outside the pdfmake application, and users are re...