Known Vulnerabilities for products from Pdf-image Project
Listed below are 3 of the newest known vulnerabilities associated with the vendor "Pdf-image Project".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-26830 | pdf-image (npm package) through version 2.0.0 allows OS command injection via the pdfFilePath parameter. The constructGetInfo... | Not Provided | 2026-03-25 | 2026-04-02 |
| CVE-2020-8132 | Lack of input validation in pdf-image npm package version <= 2.0.0 may allow an attacker to run arbitrary code if PDF file pa... | 9.8 - CRITICAL | 2020-02-28 | 2020-03-03 |
| CVE-2018-3757 | Command injection exists in pdf-image v2.0.0 due to an unescaped string parameter. | 9.8 - CRITICAL | 2018-06-01 | 2020-03-13 |
Known software with vulnerabilities from Pdf-image Project
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Pdf-image Project | Pdf-image | 0.0.1 |