CVE-2026-24133
MEDIUMjsPDF < 4.1.0 - Denial of Service via BMP Image Header Processing
Title source: llmDescription
jsPDF is a library to generate PDFs in JavaScript. Prior to 4.1.0, user control of the first argument of the addImage method results in denial of service. If given the possibility to pass unsanitized image data or URLs to the addImage method, a user can provide a harmful BMP file that results in out of memory errors and denial of service. Harmful BMP files have large width and/or height entries in their headers, which lead to excessive memory allocation. The html method is also affected. The vulnerability has been fixed in [email protected].
References (3)
Core 3
Core References
Vendor Advisory x_refsource_confirm
https://github.com/parallax/jsPDF/security/advisories/GHSA-95fx-jjr5-f39c
Patch x_refsource_misc
https://github.com/parallax/jsPDF/commit/ae4b93f76d8fc1baa5614bd5fdb5d174c3b85f0d
Release Notes x_refsource_misc
https://github.com/parallax/jsPDF/releases/tag/v4.1.0
Scores
CVSS v3
6.5
EPSS
0.0056
EPSS Percentile
41.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-770
Status
published
Products (2)
npm/jspdf
0 - 4.1.0npm
parall/jspdf
< 4.1.0
Published
Feb 02, 2026
Tracked Since
Feb 18, 2026