CVE-2022-46161
CVSS V2 None
CVSS V3 None
Description
pdfmake is an open source client/server side PDF printing in pure JavaScript. In versions up to and including 0.2.5 pdfmake contains an unsafe evaluation of user controlled input. Users of pdfmake are thus subject to arbitrary code execution in the context of the process running the pdfmake code. There are no known fixes for this issue. Users are advised to restrict access to trusted user input.
Overview
- CVE ID
- CVE-2022-46161
- Assigner
- security-advisories@github.com
- Vulnerability Status
- Analyzed
- Published Version
- 2022-12-06T19:15:10
- Last Modified Date
- 2022-12-08T18:04:31
Weakness Enumerations
CPE Configuration (Product)
CPE | Vulnerable | Operator | Version Start | Version End |
---|---|---|---|---|
cpe:2.3:a:pdfmake_project:pdfmake:*:*:*:*:*:*:*:* | 1 | OR | 0.2.5 |
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2022-46161 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46161 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2022-12-07 18:06:51 | Added to TrackCVE | |||
2022-12-08 17:15:53 | 2022-12-06T19:15:10.520 | 2022-12-06T19:15:10 | CVE Published Date | updated |
2022-12-08 17:15:53 | 2022-12-06T19:23:25 | CVE Modified Date | updated | |
2022-12-08 17:15:53 | Awaiting Analysis | Undergoing Analysis | Vulnerability Status | updated |
2022-12-08 18:19:38 | 2022-12-08T18:04:31 | CVE Modified Date | updated | |
2022-12-08 18:19:38 | Undergoing Analysis | Analyzed | Vulnerability Status | updated |
2022-12-08 18:19:39 | CPE Information | updated |