Description
This affects the package jspdf before 2.3.1. ReDoS is possible via the addImage function.
Remediation
References
https://github.com/MrRio/jsPDF/commit/d8bb3b39efcd129994f7a3b01b632164144ec43e
https://github.com/MrRio/jsPDF/pull/3091
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1083289
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1083287
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBMRRIO-1083288
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1083286
https://snyk.io/vuln/SNYK-JS-JSPDF-1073626
Related Vulnerabilities
CVE-2022-25885 Vulnerability in npm package hummus
CVE-2022-41249 Vulnerability in maven package com.meowlomo.jenkins:scm-httpclient
CVE-2011-0013 Vulnerability in maven package tomcat:catalina
CVE-2017-1000452 Vulnerability in npm package samlify
CVE-2019-12741 Vulnerability in maven package ca.uhn.hapi.fhir:hapi-fhir-testpage-overlay