High severityNVD Advisory· Published Aug 26, 2025· Updated Aug 26, 2025
jsPDF Parsing of Corrupt PNGs Leads to Potential Denial of Service (DoS)
CVE-2025-57810
Description
jsPDF is a library to generate PDFs in JavaScript. Prior to 3.0.2, user control of the first argument of the addImage method results in CPU utilization and denial of service. If given the possibility to pass unsanitized image data or URLs to the addImage method, a user can provide a harmful PNG file that results in high CPU utilization and denial of service. The vulnerability was fixed in jsPDF 3.0.2.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
jspdfnpm | < 3.0.2 | 3.0.2 |
Affected products
89- osv-coords88 versionspkg:apk/chainguard/opensearch-dashboards-2pkg:apk/chainguard/opensearch-dashboards-2-alerting-dashboards-pluginpkg:apk/chainguard/opensearch-dashboards-2-anomaly-detection-dashboards-pluginpkg:apk/chainguard/opensearch-dashboards-2-configpkg:apk/chainguard/opensearch-dashboards-2-dashboards-mapspkg:apk/chainguard/opensearch-dashboards-2-dashboards-notificationspkg:apk/chainguard/opensearch-dashboards-2-dashboards-observabilitypkg:apk/chainguard/opensearch-dashboards-2-dashboards-query-workbenchpkg:apk/chainguard/opensearch-dashboards-2-dashboards-reportingpkg:apk/chainguard/opensearch-dashboards-2-dashboards-search-relevancepkg:apk/chainguard/opensearch-dashboards-2-dashboards-visualizationspkg:apk/chainguard/opensearch-dashboards-2-fipspkg:apk/chainguard/opensearch-dashboards-2-fips-alerting-dashboards-pluginpkg:apk/chainguard/opensearch-dashboards-2-fips-anomaly-detection-dashboards-pluginpkg:apk/chainguard/opensearch-dashboards-2-fips-configpkg:apk/chainguard/opensearch-dashboards-2-fips-dashboards-mapspkg:apk/chainguard/opensearch-dashboards-2-fips-dashboards-notificationspkg:apk/chainguard/opensearch-dashboards-2-fips-dashboards-observabilitypkg:apk/chainguard/opensearch-dashboards-2-fips-dashboards-query-workbenchpkg:apk/chainguard/opensearch-dashboards-2-fips-dashboards-reportingpkg:apk/chainguard/opensearch-dashboards-2-fips-dashboards-search-relevancepkg:apk/chainguard/opensearch-dashboards-2-fips-dashboards-visualizationspkg:apk/chainguard/opensearch-dashboards-2-fips-index-management-dashboards-pluginpkg:apk/chainguard/opensearch-dashboards-2-fips-ml-commons-dashboardspkg:apk/chainguard/opensearch-dashboards-2-fips-security-analytics-dashboards-pluginpkg:apk/chainguard/opensearch-dashboards-2-fips-security-dashboards-pluginpkg:apk/chainguard/opensearch-dashboards-2-index-management-dashboards-pluginpkg:apk/chainguard/opensearch-dashboards-2-ml-commons-dashboardspkg:apk/chainguard/opensearch-dashboards-2-security-analytics-dashboards-pluginpkg:apk/chainguard/opensearch-dashboards-2-security-dashboards-pluginpkg:apk/chainguard/opensearch-dashboards-3pkg:apk/chainguard/opensearch-dashboards-3-alerting-dashboards-pluginpkg:apk/chainguard/opensearch-dashboards-3-anomaly-detection-dashboards-pluginpkg:apk/chainguard/opensearch-dashboards-3-configpkg:apk/chainguard/opensearch-dashboards-3-dashboards-mapspkg:apk/chainguard/opensearch-dashboards-3-dashboards-notificationspkg:apk/chainguard/opensearch-dashboards-3-dashboards-observabilitypkg:apk/chainguard/opensearch-dashboards-3-dashboards-query-workbenchpkg:apk/chainguard/opensearch-dashboards-3-dashboards-reportingpkg:apk/chainguard/opensearch-dashboards-3-dashboards-search-relevancepkg:apk/chainguard/opensearch-dashboards-3-fipspkg:apk/chainguard/opensearch-dashboards-3-fips-alerting-dashboards-pluginpkg:apk/chainguard/opensearch-dashboards-3-fips-anomaly-detection-dashboards-pluginpkg:apk/chainguard/opensearch-dashboards-3-fips-configpkg:apk/chainguard/opensearch-dashboards-3-fips-dashboards-mapspkg:apk/chainguard/opensearch-dashboards-3-fips-dashboards-notificationspkg:apk/chainguard/opensearch-dashboards-3-fips-dashboards-observabilitypkg:apk/chainguard/opensearch-dashboards-3-fips-dashboards-query-workbenchpkg:apk/chainguard/opensearch-dashboards-3-fips-dashboards-reportingpkg:apk/chainguard/opensearch-dashboards-3-fips-dashboards-search-relevancepkg:apk/chainguard/opensearch-dashboards-3-fips-index-management-dashboards-pluginpkg:apk/chainguard/opensearch-dashboards-3-fips-ml-commons-dashboardspkg:apk/chainguard/opensearch-dashboards-3-fips-security-analytics-dashboards-pluginpkg:apk/chainguard/opensearch-dashboards-3-fips-security-dashboards-pluginpkg:apk/chainguard/opensearch-dashboards-3-index-management-dashboards-pluginpkg:apk/chainguard/opensearch-dashboards-3-ml-commons-dashboardspkg:apk/chainguard/opensearch-dashboards-3-security-analytics-dashboards-pluginpkg:apk/chainguard/opensearch-dashboards-3-security-dashboards-pluginpkg:apk/wolfi/opensearch-dashboards-2pkg:apk/wolfi/opensearch-dashboards-2-alerting-dashboards-pluginpkg:apk/wolfi/opensearch-dashboards-2-anomaly-detection-dashboards-pluginpkg:apk/wolfi/opensearch-dashboards-2-configpkg:apk/wolfi/opensearch-dashboards-2-dashboards-mapspkg:apk/wolfi/opensearch-dashboards-2-dashboards-notificationspkg:apk/wolfi/opensearch-dashboards-2-dashboards-observabilitypkg:apk/wolfi/opensearch-dashboards-2-dashboards-query-workbenchpkg:apk/wolfi/opensearch-dashboards-2-dashboards-reportingpkg:apk/wolfi/opensearch-dashboards-2-dashboards-search-relevancepkg:apk/wolfi/opensearch-dashboards-2-dashboards-visualizationspkg:apk/wolfi/opensearch-dashboards-2-index-management-dashboards-pluginpkg:apk/wolfi/opensearch-dashboards-2-ml-commons-dashboardspkg:apk/wolfi/opensearch-dashboards-2-security-analytics-dashboards-pluginpkg:apk/wolfi/opensearch-dashboards-2-security-dashboards-pluginpkg:apk/wolfi/opensearch-dashboards-3pkg:apk/wolfi/opensearch-dashboards-3-alerting-dashboards-pluginpkg:apk/wolfi/opensearch-dashboards-3-anomaly-detection-dashboards-pluginpkg:apk/wolfi/opensearch-dashboards-3-configpkg:apk/wolfi/opensearch-dashboards-3-dashboards-mapspkg:apk/wolfi/opensearch-dashboards-3-dashboards-notificationspkg:apk/wolfi/opensearch-dashboards-3-dashboards-observabilitypkg:apk/wolfi/opensearch-dashboards-3-dashboards-query-workbenchpkg:apk/wolfi/opensearch-dashboards-3-dashboards-reportingpkg:apk/wolfi/opensearch-dashboards-3-dashboards-search-relevancepkg:apk/wolfi/opensearch-dashboards-3-index-management-dashboards-pluginpkg:apk/wolfi/opensearch-dashboards-3-ml-commons-dashboardspkg:apk/wolfi/opensearch-dashboards-3-security-analytics-dashboards-pluginpkg:apk/wolfi/opensearch-dashboards-3-security-dashboards-pluginpkg:npm/jspdf
< 2.19.3-r0+ 87 more
- (no CPE)range: < 2.19.3-r0
- (no CPE)range: < 2.19.4-r0
- (no CPE)range: < 2.19.4-r0
- (no CPE)range: < 2.19.3-r0
- (no CPE)range: < 2.19.4-r0
- (no CPE)range: < 2.19.3-r0
- (no CPE)range: < 2.19.3-r0
- (no CPE)range: < 2.19.3-r0
- (no CPE)range: < 2.19.4-r7
- (no CPE)range: < 2.19.3-r0
- (no CPE)range: < 2.19.3-r0
- (no CPE)range: < 2.19.2-r4
- (no CPE)range: < 2.19.3-r0
- (no CPE)range: < 2.19.3-r0
- (no CPE)range: < 2.19.2-r4
- (no CPE)range: < 2.19.3-r0
- (no CPE)range: < 2.19.3-r0
- (no CPE)range: < 2.19.3-r0
- (no CPE)range: < 2.19.3-r0
- (no CPE)range: < 2.19.4-r7
- (no CPE)range: < 2.19.3-r0
- (no CPE)range: < 2.19.4-r0
- (no CPE)range: < 2.19.3-r0
- (no CPE)range: < 2.19.3-r0
- (no CPE)range: < 2.19.3-r0
- (no CPE)range: < 2.19.3-r0
- (no CPE)range: < 2.19.3-r0
- (no CPE)range: < 2.19.3-r0
- (no CPE)range: < 2.19.3-r0
- (no CPE)range: < 2.19.3-r0
- (no CPE)range: < 3.2.0-r0
- (no CPE)range: < 3.2.0-r0
- (no CPE)range: < 3.2.0-r0
- (no CPE)range: < 3.2.0-r0
- (no CPE)range: < 3.2.0-r0
- (no CPE)range: < 3.2.0-r0
- (no CPE)range: < 3.2.0-r0
- (no CPE)range: < 3.2.0-r0
- (no CPE)range: < 3.4.0-r0
- (no CPE)range: < 3.2.0-r0
- (no CPE)range: < 3.2.0-r0
- (no CPE)range: < 3.2.0-r0
- (no CPE)range: < 3.2.0-r0
- (no CPE)range: < 3.2.0-r0
- (no CPE)range: < 3.2.0-r0
- (no CPE)range: < 3.2.0-r0
- (no CPE)range: < 3.2.0-r0
- (no CPE)range: < 3.2.0-r0
- (no CPE)range: < 3.4.0-r0
- (no CPE)range: < 3.2.0-r0
- (no CPE)range: < 3.2.0-r0
- (no CPE)range: < 3.2.0-r0
- (no CPE)range: < 3.2.0-r0
- (no CPE)range: < 3.2.0-r0
- (no CPE)range: < 3.2.0-r0
- (no CPE)range: < 3.2.0-r0
- (no CPE)range: < 3.2.0-r0
- (no CPE)range: < 3.2.0-r0
- (no CPE)range: < 2.19.3-r0
- (no CPE)range: < 2.19.4-r0
- (no CPE)range: < 2.19.4-r0
- (no CPE)range: < 2.19.3-r0
- (no CPE)range: < 2.19.4-r0
- (no CPE)range: < 2.19.3-r0
- (no CPE)range: < 2.19.3-r0
- (no CPE)range: < 2.19.3-r0
- (no CPE)range: < 2.19.4-r7
- (no CPE)range: < 2.19.3-r0
- (no CPE)range: < 2.19.3-r0
- (no CPE)range: < 2.19.3-r0
- (no CPE)range: < 2.19.3-r0
- (no CPE)range: < 2.19.3-r0
- (no CPE)range: < 2.19.3-r0
- (no CPE)range: < 3.2.0-r0
- (no CPE)range: < 3.2.0-r0
- (no CPE)range: < 3.2.0-r0
- (no CPE)range: < 3.2.0-r0
- (no CPE)range: < 3.2.0-r0
- (no CPE)range: < 3.2.0-r0
- (no CPE)range: < 3.2.0-r0
- (no CPE)range: < 3.2.0-r0
- (no CPE)range: < 3.4.0-r0
- (no CPE)range: < 3.2.0-r0
- (no CPE)range: < 3.2.0-r0
- (no CPE)range: < 3.2.0-r0
- (no CPE)range: < 3.2.0-r0
- (no CPE)range: < 3.2.0-r0
- (no CPE)range: < 3.0.2
Patches
Vulnerability mechanics
References
6- github.com/advisories/GHSA-8mvj-3j78-4qmwghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2025-57810ghsaADVISORY
- github.com/parallax/jsPDF/commit/4cf3ab619e565d9b88b4b130bff901b91d8688e9ghsax_refsource_MISCWEB
- github.com/parallax/jsPDF/pull/3880ghsax_refsource_MISCWEB
- github.com/parallax/jsPDF/releases/tag/v3.0.2ghsax_refsource_MISCWEB
- github.com/parallax/jsPDF/security/advisories/GHSA-8mvj-3j78-4qmwghsax_refsource_CONFIRMWEB
News mentions
0No linked articles in our index yet.