CVE-2025-11362

CVSS 8.7 HIGHEPSS 0.3%CWE-770

Versions of the package pdfmake before 0.3.0-beta.17 are vulnerable to Allocation of Resources Without Limits or Throttling via repeatedly redirect URL in file embedding. An attacker can cause the application to crash or become unresponsive by providing crafted input that triggers this condition.

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Productos afectados

n/a · pdfmake

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://github.com/bpampuch/pdfmake/commit/741169634bf07730e010cd77477b6cc038e846ed https://security.snyk.io/vuln/SNYK-JS-PDFMAKE-10223297