Количество 2
Количество 2
CVE-2024-25180
An issue discovered in pdfmake 0.2.9 allows remote attackers to run arbitrary code via crafted POST request to the /pdf endpoint. NOTE: this is disputed because the behavior of the /pdf endpoint is intentional. The /pdf endpoint is only available after installing a test framework (that lives outside of the pdfmake applicaton). Anyone installing this is responsible for ensuring that it is only available to authorized testers.
GHSA-3wcf-84jq-4rxx
An issue discovered in pdfmake 0.2.9 allows remote attackers to run arbitrary code via crafted POST request to the path '/pdf'.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-25180 An issue discovered in pdfmake 0.2.9 allows remote attackers to run arbitrary code via crafted POST request to the /pdf endpoint. NOTE: this is disputed because the behavior of the /pdf endpoint is intentional. The /pdf endpoint is only available after installing a test framework (that lives outside of the pdfmake applicaton). Anyone installing this is responsible for ensuring that it is only available to authorized testers. | CVSS3: 9.8 | 0% Низкий | почти 2 года назад |
| GHSA-3wcf-84jq-4rxx An issue discovered in pdfmake 0.2.9 allows remote attackers to run arbitrary code via crafted POST request to the path '/pdf'. | CVSS3: 9.8 | 0% Низкий | почти 2 года назад |
Уязвимостей на страницу