jspdf

16 known vulnerabilities · 0 critical · 0 high

CVE-2020-7691MEDIUM

Cross-site scripting in jspdf

Published May 11, 2021

CVE-2025-68428

jsPDF has Local File Inclusion/Path Traversal vulnerability

Published Jan 5, 2026

CVE-2026-24133

jsPDF Vulnerable to Denial of Service (DoS) via Unvalidated BMP Dimensions in BMPDecoder

Published Feb 2, 2026

CVE-2020-7690MEDIUM

Cross-site scripting in jspdf

Published May 17, 2021

CVE-2025-29907

jsPDF Bypass Regular Expression Denial of Service (ReDoS)

Published Mar 18, 2025

CVE-2026-25755

jsPDF has a PDF Object Injection via Unsanitized Input in addJS Method

Published Feb 19, 2026

CVE-2026-24737

jsPDF has PDF Injection in AcroFormChoiceField that allows Arbitrary JavaScript Execution

Published Feb 2, 2026

CVE-2026-24040

jsPDF has Shared State Race Condition in addJS Plugin

Published Feb 2, 2026

CVE-2025-57810

jsPDF Denial of Service (DoS)

Published Aug 26, 2025

CVE-2021-23353MEDIUM

jspdf vulnerable to Regular Expression Denial of Service (ReDoS)

Published Mar 12, 2021

CVE-2026-31898

jsPDF has a PDF Object Injection via FreeText color

Published Mar 17, 2026

CVE-2026-25940

jsPDF has a PDF Injection in AcroForm module allows Arbitrary JavaScript Execution (RadioButton.createOption and "AS" property)

Published Feb 19, 2026

CVE-2026-24043

jsPDF Vulnerable to Stored XMP Metadata Injection (Spoofing & Integrity Violation)

Published Feb 2, 2026

CVE-2026-31938

jsPDF has HTML Injection in New Window paths

Published Mar 17, 2026

CVE-2026-25535

jsPDF Affected by Client-Side/Server-Side Denial of Service via Malicious GIF Dimensions

Published Feb 19, 2026

CVE-2026-25630

survey-pdf Upgraded jsPDF Version Due to Security Vulnerability

Published Feb 4, 2026

Check your entire dependency tree at onceRun dependency scan →