Pdfkit Project Pdfkit vulnerabilities
3 known vulnerabilities affecting pdfkit_project/pdfkit.
Total CVEs: 3
CISA KEV: 0
Public exploits: 1
Exploited in wild: 0
Severity breakdown: CRITICAL 2, HIGH 1
Vulnerabilities
CVE-2022-25765 | P2 | CRITICAL | CVSS 9.8 | PoC | ≥ 0.0.0 | ≥ 0.0.0, < unspecified | 2022-09-09
The package pdfkit from 0.0.0 is vulnerable to Command Injection where the URL is not properly sanitized.
ghsa, nvd, osv
CVE-2013-1607 | P3 | CRITICAL | CVSS 9.8 | fixed in 0.5.3 | 2020-02-11
CVE-2013-1607 [CRITICAL] CWE-20: Ruby PDFKit gem prior to 0.5.3 has a Code Execution Vulnerability
ghsa, nvd, osv
CVE-2025-26240 | P3 | HIGH | ≥ 0, ≤ 1.0.0 | 2026-06-17
CVE-2025-26240 [HIGH] CWE-120 pdfkit: Path traversal in from_string
In JazzCore python-pdfkit 1.0.0, the from_string method enables the execution of JavaScript code within the context of the server application and the exfiltration of local files.
ghsa