Vulnerabilities

CVE-2026-24133 - jsPDF Affected by Denial of Service (DoS) via Unvalidated BMP Dimensions in BMPD...

2026-02-03 0 views admin

CVE ID : CVE-2026-24133 Published : Feb. 2, 2026, 11:16 p.m. | 1 hour, 14 minutes ago Description : jsPDF is a library to generate PDFs in JavaScript. Prior to 4.1.0, user control of the first argument of the addImage method results in denial of service. If given the possibility to pass unsanitized image data or URLs to the addImage method, a user can provide a harmful BMP file that results in out of memory errors and denial of service. Harmful BMP files have large width and/or height entries in their headers, which lead to excessive memory allocation. The html method is also affected. The vulnerability has been fixed in [email protected]. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2026-24133

Severity

HIGH

Published

Feb. 2, 2026

Impact: denial of service

🏷️ Tags

cvevulnerabilitysecuritycybersecuritycve-2026-24133high

CVE-2026-24133 - jsPDF Affected by Denial of Service (DoS) via Unvalidated BMP Dimensions in BMPD...

CVE Details

🏷️ Tags

More from Vulnerabilities

CVE-2026-24920 - Adobe Experience Manager (AEM) Permission Control Vulnerability - Availability

CVE-2026-2015 - Portabilis i-Educar Final Status Import FinalStatusImportService.php improper aut...

CVE-2026-2018 - itsourcecode School Management System controller.php sql injection

CVE-2026-1293 - Yoast SEO <= 26.8 - authenticated (contributor+) stored cross-site scripting via ...

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting