Количество 2
Количество 2
CVE-2025-53626
pdfme is a TypeScript-based PDF generator and React-based UI. The expression evaluation feature in pdfme 5.2.0 to 5.4.0 contains critical vulnerabilities allowing sandbox escape leading to XSS and prototype pollution attacks. This vulnerability is fixed in 5.4.1.
GHSA-54xv-94qv-2gfg
@pdfme/common vulnerable to to XSS and Prototype Pollution through its expression evaluation
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-53626 pdfme is a TypeScript-based PDF generator and React-based UI. The expression evaluation feature in pdfme 5.2.0 to 5.4.0 contains critical vulnerabilities allowing sandbox escape leading to XSS and prototype pollution attacks. This vulnerability is fixed in 5.4.1. | CVSS3: 6.1 | 0% Низкий | 7 месяцев назад |
| GHSA-54xv-94qv-2gfg @pdfme/common vulnerable to to XSS and Prototype Pollution through its expression evaluation | CVSS3: 6.1 | 0% Низкий | 7 месяцев назад |
Уязвимостей на страницу