Skip to main content

Pdf Image

2 CVEs product

Monthly

CVE-2020-8132 npm CRITICAL POC Act Now

Lack of input validation in pdf-image npm package version <= 2.0.0 may allow an attacker to run arbitrary code if PDF file path is constructed based on untrusted user input. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Node.js RCE Code Injection Pdf Image
NVD
CVSS 3.1
9.8
EPSS
2.0%
CVE-2018-3757 npm CRITICAL POC PATCH Act Now

Command injection exists in pdf-image v2.0.0 due to an unescaped string parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Command Injection Pdf Image
NVD GitHub
CVSS 3.1
9.8
EPSS
4.6%
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

Lack of input validation in pdf-image npm package version <= 2.0.0 may allow an attacker to run arbitrary code if PDF file path is constructed based on untrusted user input. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Node.js RCE Code Injection +1
NVD
EPSS 5% CVSS 9.8
CRITICAL POC PATCH Act Now

Command injection exists in pdf-image v2.0.0 due to an unescaped string parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Command Injection Pdf Image
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy