CVE-2020-8132

Published: Feb 28, 2020

Modified: Aug 4, 2024

PUBLISHED

Description

Lack of input validation in pdf-image npm package version <= 2.0.0 may allow an attacker to run arbitrary code if PDF file path is constructed based on untrusted user input.

Vendor	Product	Versions
n/a	pdf-image	affected `Not Fixed`

Weaknesses (CWE)

CWE-94

References

https://hackerone.com/reports/781664

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2020-8132

Description

Affected Products

Weaknesses (CWE)

References