CNNVD-202510-1100 Information

CNNVD ID

CNNVD-202510-1100

Related CVE

CVE-2025-11362

• CNNVD Published: 2025-10-07

Description (Chinese)

pdfmake是Bartek Pampuch个人开发者的一个纯 JavaScript 的服务器端和客户端 PDF 文档生成库。 pdfmake 0.3.0-beta.17之前版本存在安全漏洞，该漏洞源于文件嵌入中重复重定向URL导致资源分配无限制，可能导致应用程序崩溃或无响应。

Description (English)

pdfmake is a pure JavaScript server and client PDF document generator library for Bartek Pammuch personal developers. The previous version of pdfmake 0.3.0-beta.17 had a security loophole, which stemmed from the fact that the re-direction of URLs in file embedding resulted in unrestricted resource allocation, which could lead to a collapse or lack of response of the application.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-10-07

Last Modified

2026-02-24

References

https://github.com/bpampuch/pdfmake/commit/741169634bf07730e010cd77477b6cc038e846ed https://security.snyk.io/vuln/SNYK-JS-PDFMAKE-10223297

Patch

https://pdfmake.github.io/docs/