GHSA-h3q6-jfrg-3x6q

Published: 04 Feb 2026
Source: github
GitHub: Reviewed
CVSS4: 9.2

Description

survey-pdf Upgraded jsPDF Version Due to Security Vulnerability

The following security vulnerability was identified in jsPDF versions <=3.0.4: Local File Inclusion/Path Traversal.

Impact

Since SurveyJS PDF Generator depends on jsPDF, any project using survey-pdf v1.12.58 and lower or v2.5.4 and lower could be exposed to this vulnerability.

Solution

SurveyJS PDF Generator has upgraded jsPDF to version >= 4.0.0 and included the fix in the following survey-pdf releases:

Action

Users should upgrade survey-pdf in their projects to v1.12.59+ or v2.5.5+ immediately.

Notes

No other survey-pdf dependencies are affected. This update is fully backward-compatible with previous survey-pdf releases.
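
An added check, not part of the advisory or of SurveyJS's own tooling: it walks the `packages` map of an npm `package-lock.json` (lockfileVersion 2 or 3) and reports installed `survey-pdf` and `jspdf` copies that fall inside the affected ranges stated on this page. The lockfile object and the `legacy-forms` package name are constructed for illustration.

```javascript
// Affected ranges as stated in the advisory (inclusive bounds).
const AFFECTED = new Map([
  ["survey-pdf", [
    { min: "0.0.0", max: "1.12.58", fixed: "1.12.59" },
    { min: "2.0.0", max: "2.5.4", fixed: "2.5.5" },
  ]],
  ["jspdf", [{ min: "0.0.0", max: "3.0.4", fixed: "4.0.0" }]],
]);

// Numeric major.minor.patch only; pre-release and build tags are ignored.
function parse(v) {
  return v.split(/[-+]/)[0].split(".").map((n) => parseInt(n, 10) || 0);
}
function cmp(a, b) {
  const x = parse(a), y = parse(b);
  for (let i = 0; i < 3; i++) {
    const d = (x[i] || 0) - (y[i] || 0);
    if (d !== 0) return d < 0 ? -1 : 1;
  }
  return 0;
}

// lock: parsed package-lock.json. Returns one entry per affected installed copy.
function findAffected(lock) {
  const hits = [];
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    if (!meta.version) continue; // links and similar entries carry no version
    // Keys are install paths; the package name follows the last "node_modules/".
    const name = path.split("node_modules/").pop();
    const range = (AFFECTED.get(name) || []).find(
      (r) => cmp(meta.version, r.min) >= 0 && cmp(meta.version, r.max) <= 0
    );
    if (range) hits.push({ path, name, version: meta.version, fixed: range.fixed });
  }
  return hits;
}

// Constructed sample lockfile; "legacy-forms" is a hypothetical package.
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    "node_modules/survey-pdf": { version: "2.5.5" },
    "node_modules/jspdf": { version: "4.0.0" },
    "node_modules/legacy-forms/node_modules/survey-pdf": { version: "1.12.58" },
    "node_modules/legacy-forms/node_modules/jspdf": { version: "3.0.4" },
  },
};
for (const h of findAffected(sampleLock)) {
  console.log(`${h.path}: ${h.name}@${h.version} is affected, upgrade to >= ${h.fixed}`);
}
```

Nested copies matter here: a fixed top-level `survey-pdf` does not help if another dependency pins its own older copy deeper in the tree.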

Packages

| Name | Ecosystem | Affected versions | Fixed version |
|---|---|---|---|
| survey-pdf | npm | <= 1.12.58 | 1.12.59 |
| survey-pdf | npm | >= 2.0.0, <= 2.5.4 | 2.5.5 |

9.2 Critical

CVSS4

Weaknesses

CWE-35
CWE-73

Related vulnerabilities

nvd
3 days ago

Rejected reason: Reason: This candidate was issued in error.
