Nighttime Possum Meandering
Severity: moderate

Command Injection

pdf-image

Overview

Versions of pdf-image before 2.0.0 are vulnerable to command injection. This vulnerability is exploitable if the attacker has control over the pdfFilePath variable passed into pdf-image.

Remediation

Update to version 2.0.0 or later.

Resources

Advisory timeline

  1. published

    Advisory published
    Jun 1st, 2018
  2. reported

    Jun 1st, 2018