pdf-image@1.1.0 vulnerabilities

Provides an interface to convert PDF's pages to png files in Node.js by using ImageMagick.

Direct Vulnerabilities

Known vulnerabilities in the pdf-image package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • H
Command Injection

pdf-image is a library that provides an interface to convert PDF's pages to png files in Node.js by using ImageMagick.

Affected versions of this package are vulnerable to Command Injection through the PDFImage function, due to improper user input validation.

How to fix Command Injection?

There is no fixed version for pdf-image.

*
  • C
Arbitrary Command Injection

pdf-image provides an interface to convert PDF's pages to png files in Node.js by using ImageMagick.

Affected versions of this package are vulnerable to Arbitrary Command Injection.

How to fix Arbitrary Command Injection?

Upgrade pdf-image to version 2.0.1 or higher.

*
  • C
Arbitrary Command Injection

pdf-image provides an interface to convert PDF's pages to png files in Node.js by using ImageMagick.

Affected versions of this package are vulnerable to Arbitrary Command Injection.

How to fix Arbitrary Command Injection?

Upgrade pdf-image to version 2.0.1 or higher.

*