Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Jspdf
(Parall)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 3 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-07-06 | CVE-2020-7690 | All affected versions <2.0.0 of package jspdf are vulnerable to Cross-site Scripting (XSS). It is possible to inject JavaScript code via the html method. | Jspdf | 6.1 | ||
| 2021-03-09 | CVE-2021-23353 | This affects the package jspdf before 2.3.1. ReDoS is possible via the addImage function. | Jspdf | 7.5 | ||
| 2020-07-06 | CVE-2020-7691 | In all versions of the package jspdf, it is possible to use <<script>script> in order to go over the filtering regex. | Jspdf | N/A |