Description
An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash due to the lack of proper validation of the existence of an object prior to performing operations on that object when executing JavaScript.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_misc
https://www.foxitsoftware.com/support/security-bulletins.php
Broken Link vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/109358
Scores
CVSS v3
7.5
EPSS
0.0002
EPSS Percentile
6.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-20
Status
published
Products (1)
foxitsoftware/phantompdf
< 8.3.11
Published
Jul 21, 2019
Tracked Since
Feb 18, 2026