Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-sxg3-931u-zbds
Vulnerability ID VCID-sxg3-931u-zbds
Aliases CVE-2021-23353
GHSA-57f3-gghm-9mhc
Summary
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (3)
CWE-400 Uncontrolled Resource Consumption
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
epss 0.00674 https://api.first.org/data/v1/epss?cve=CVE-2021-23353
epss 0.00674 https://api.first.org/data/v1/epss?cve=CVE-2021-23353
cvssv3.1_qr HIGH https://github.com/advisories/GHSA-57f3-gghm-9mhc
cvssv3.1 7.5 https://github.com/MrRio/jsPDF/commit/d8bb3b39efcd129994f7a3b01b632164144ec43e
generic_textual HIGH https://github.com/MrRio/jsPDF/commit/d8bb3b39efcd129994f7a3b01b632164144ec43e
cvssv3.1 7.5 https://github.com/MrRio/jsPDF/pull/3091
generic_textual HIGH https://github.com/MrRio/jsPDF/pull/3091
cvssv3.1 7.5 https://nvd.nist.gov/vuln/detail/CVE-2021-23353
generic_textual HIGH https://nvd.nist.gov/vuln/detail/CVE-2021-23353
cvssv3.1 7.5 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1083289
generic_textual HIGH https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1083289
cvssv3.1 7.5 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1083287
generic_textual HIGH https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1083287
cvssv3.1 7.5 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBMRRIO-1083288
generic_textual HIGH https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBMRRIO-1083288
cvssv3.1 7.5 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1083286
generic_textual HIGH https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1083286
cvssv3.1 7.5 https://snyk.io/vuln/SNYK-JS-JSPDF-1073626
generic_textual HIGH https://snyk.io/vuln/SNYK-JS-JSPDF-1073626
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2021-23353
https://github.com/MrRio/jsPDF/commit/d8bb3b39efcd129994f7a3b01b632164144ec43e
https://github.com/MrRio/jsPDF/pull/3091
https://nvd.nist.gov/vuln/detail/CVE-2021-23353
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1083289
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1083287
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBMRRIO-1083288
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1083286
https://snyk.io/vuln/SNYK-JS-JSPDF-1073626
GHSA-57f3-gghm-9mhc https://github.com/advisories/GHSA-57f3-gghm-9mhc
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/MrRio/jsPDF/commit/d8bb3b39efcd129994f7a3b01b632164144ec43e
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/MrRio/jsPDF/pull/3091
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2021-23353
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1083289
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1083287
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBMRRIO-1083288
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1083286
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://snyk.io/vuln/SNYK-JS-JSPDF-1073626
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.71904
EPSS Score 0.00674
Published At June 11, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-12T01:59:02.144410+00:00 EPSS Importer Import https://epss.cyentia.com/epss_scores-current.csv.gz 38.6.0