CVE-2026-26801
- EPSS 0.02%
- Veröffentlicht 10.03.2026 00:00:00
- Zuletzt bearbeitet 17.03.2026 17:16:15
Server-Side Request Forgery (SSRF) vulnerability in pdfmake versions 0.3.0-beta.2 through 0.3.5 allows a remote attacker to obtain sensitive information via the src/URLResolver.js component. The fix was released in version 0.3.6 which introduces the ...
CVE-2025-11362
- EPSS 0.06%
- Veröffentlicht 07.10.2025 05:15:33
- Zuletzt bearbeitet 20.10.2025 15:51:04
Versions of the package pdfmake before 0.3.0-beta.17 are vulnerable to Allocation of Resources Without Limits or Throttling via repeatedly redirect URL in file embedding. An attacker can cause the application to crash or become unresponsive by provid...
CVE-2022-46161
- EPSS 1.46%
- Veröffentlicht 06.12.2022 19:15:10
- Zuletzt bearbeitet 20.10.2025 15:56:39
pdfmake is an open source client/server side PDF printing in pure JavaScript. In versions up to and including 0.2.5 pdfmake contains an unsafe evaluation of user controlled input. Users of pdfmake are thus subject to arbitrary code execution in the c...