PT-2026-6655 · Jspdf+1 · Jspdf+1

Publicado

2026-02-04

Atualizado

2026-02-05

CVE-2026-25630

CVSS v4.0

9.2

Crítica

Vetor

AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions jsPDF versions prior to 4.0.0 SurveyJS PDF Generator versions 1.12.58 and lower SurveyJS PDF Generator versions 2.5.4 and lower

Description A local file inclusion or path traversal issue was identified in jsPDF. Because SurveyJS PDF Generator depends on jsPDF, projects using SurveyJS PDF Generator v1.12.58 and lower or v2.5.4 and lower could be affected. No other SurveyJS PDF Generator dependencies are affected.

Recommendations Upgrade SurveyJS PDF Generator to version 1.12.59 or later. Upgrade SurveyJS PDF Generator to version 2.5.5 or later. Upgrade jsPDF to version 4.0.0 or later.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-35CWE-73

Identificadores relacionados

CVE-2026-25630

GHSA-H3Q6-JFRG-3X6Q

Produtos afetados

Surveyjs Pdf Generator

Jspdf

PT-2026-6655 · Jspdf+1 · Jspdf+1

CVE-2026-25630

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6