Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue discovered in pdfmake 0.2.9 allows remote attackers to run arbitrary code via crafted POST request to the /pdf endpoint. NOTE: this is disputed because the behavior of the /pdf endpoint is intentional. The /pdf endpoint is only available after installing a test framework (that lives outside of the pdfmake applicaton). Anyone installing this is responsible for ensuring that it is only available to authorized testers.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
pdfmake 安全漏洞
Vulnerability Description
pdfmake是Bartek Pampuch个人开发者的一个纯 JavaScript 的服务器端和客户端 PDF 文档生成库。 pdfmake 0.2.9及之前版本存在安全漏洞,该漏洞源于允许远程攻击者通过特制的POST请求向路径/pdf运行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A