Package details: pkg:npm/jspdf@4.1.0
purl pkg:npm/jspdf@4.1.0
Vulnerabilities affecting this package (0)
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (4)
| Vulnerability | Summary | Aliases |
| --- | --- | --- |
| VCID-mzjd-s1np-3fbu | jsPDF is a library to generate PDFs in JavaScript. Prior to 4.1.0, the addJS method in the jspdf Node.js build utilizes a shared module-scoped variable (text) to store JavaScript content. When used in a concurrent environment (e.g., a Node.js web server), this variable is shared across all requests. If multiple requests generate PDFs simultaneously, the JavaScript content intended for one user may be overwritten by a subsequent request before the document is generated. This results in Cross-User Data Leakage, where the PDF generated for User A contains the JavaScript payload (and any embedded sensitive data) intended for User B. Typically, this only affects server-side environments, although the same race conditions might occur if jsPDF runs client-side. The vulnerability has been fixed in jsPDF@4.1.0. | CVE-2026-24040, GHSA-cjw8-79x6-5cj4 |
| VCID-q9q5-qhbk-mfe1 | jsPDF is a library to generate PDFs in JavaScript. Prior to 4.1.0, user control of properties and methods of the Acroform module allows users to inject arbitrary PDF objects, such as JavaScript actions. If given the possibility to pass unsanitized input to one of the following methods or properties, a user can inject arbitrary PDF objects, such as JavaScript actions, which are executed when the victim opens the document. The vulnerable API members are AcroformChoiceField.addOption, AcroformChoiceField.setOptions, AcroFormCheckBox.appearanceState, and AcroFormRadioButton.appearanceState. The vulnerability has been fixed in jsPDF@4.1.0. | CVE-2026-24737, GHSA-pqxr-3g65-p328 |
| VCID-r3u7-b4rp-hbhq | jsPDF is a library to generate PDFs in JavaScript. Prior to 4.1.0, user control of the first argument of the addMetadata function allows users to inject arbitrary XML. If given the possibility to pass unsanitized input to the addMetadata method, a user can inject arbitrary XMP metadata into the generated PDF. If the generated PDF is signed, stored or otherwise processed after, the integrity of the PDF can no longer be guaranteed. The vulnerability has been fixed in jsPDF@4.1.0. | CVE-2026-24043, GHSA-vm32-vv63-w422 |
| VCID-yanu-z2m8-5bap | jsPDF is a library to generate PDFs in JavaScript. Prior to 4.1.0, user control of the first argument of the addImage method results in denial of service. If given the possibility to pass unsanitized image data or URLs to the addImage method, a user can provide a harmful BMP file that results in out of memory errors and denial of service. Harmful BMP files have large width and/or height entries in their headers, which lead to excessive memory allocation. The html method is also affected. The vulnerability has been fixed in jsPDF@4.1.0. | CVE-2026-24133, GHSA-95fx-jjr5-f39c |

| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
| --- | --- | --- | --- | --- | --- |
| 2026-06-12T15:50:16.212470+00:00 | GitLab Importer | Fixing | VCID-r3u7-b4rp-hbhq | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/jspdf/CVE-2026-24043.yml | 38.6.0 |
| 2026-06-12T15:50:15.838631+00:00 | GitLab Importer | Fixing | VCID-yanu-z2m8-5bap | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/jspdf/CVE-2026-24133.yml | 38.6.0 |
| 2026-06-12T15:50:15.067896+00:00 | GitLab Importer | Fixing | VCID-mzjd-s1np-3fbu | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/jspdf/CVE-2026-24040.yml | 38.6.0 |
| 2026-06-12T15:50:14.756842+00:00 | GitLab Importer | Fixing | VCID-q9q5-qhbk-mfe1 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/jspdf/CVE-2026-24737.yml | 38.6.0 |
| 2026-06-12T07:48:39.075254+00:00 | GithubOSV Importer | Fixing | VCID-yanu-z2m8-5bap | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/02/GHSA-95fx-jjr5-f39c/GHSA-95fx-jjr5-f39c.json | 38.6.0 |
| 2026-06-12T07:48:11.609086+00:00 | GithubOSV Importer | Fixing | VCID-mzjd-s1np-3fbu | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/02/GHSA-cjw8-79x6-5cj4/GHSA-cjw8-79x6-5cj4.json | 38.6.0 |
| 2026-06-12T07:48:04.543010+00:00 | GithubOSV Importer | Fixing | VCID-q9q5-qhbk-mfe1 | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/02/GHSA-pqxr-3g65-p328/GHSA-pqxr-3g65-p328.json | 38.6.0 |
| 2026-06-12T07:47:43.235082+00:00 | GithubOSV Importer | Fixing | VCID-r3u7-b4rp-hbhq | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/02/GHSA-vm32-vv63-w422/GHSA-vm32-vv63-w422.json | 38.6.0 |
| 2026-06-11T20:37:44.901096+00:00 | GHSA Importer | Fixing | VCID-q9q5-qhbk-mfe1 | https://github.com/advisories/GHSA-pqxr-3g65-p328 | 38.6.0 |
| 2026-06-11T20:37:44.865592+00:00 | GHSA Importer | Fixing | VCID-yanu-z2m8-5bap | https://github.com/advisories/GHSA-95fx-jjr5-f39c | 38.6.0 |
| 2026-06-11T20:37:44.831009+00:00 | GHSA Importer | Fixing | VCID-r3u7-b4rp-hbhq | https://github.com/advisories/GHSA-vm32-vv63-w422 | 38.6.0 |
| 2026-06-11T20:37:44.796825+00:00 | GHSA Importer | Fixing | VCID-mzjd-s1np-3fbu | https://github.com/advisories/GHSA-cjw8-79x6-5cj4 | 38.6.0 |