CVE-2026-25535
Undergoing Analysis Undergoing Analysis - In Progress
Denial of Service via Unsanitized Image Data in jsPDF

Publication date: 2026-02-19

Last updated on: 2026-02-23

Assigner: GitHub, Inc.

Description
jsPDF is a library to generate PDFs in JavaScript. Prior to 4.2.0, user control of the first argument of the `addImage` method results in denial of service. If given the possibility to pass unsanitized image data or URLs to the `addImage` method, a user can provide a harmful GIF file that results in out of memory errors and denial of service. Harmful GIF files have large width and/or height entries in their headers, which lead to excessive memory allocation. Other affected methods are: `html`. The vulnerability has been fixed in jsPDF 4.2.0. As a workaround, sanitize image data or URLs before passing it to the addImage method or one of the other affected methods.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-19
Last Modified
2026-02-23
Generated
2026-05-27
AI Q&A
2026-02-19
EPSS Evaluated
2026-05-25
NVD
CVE-2026-25535
EUVD
EUVD-2026-8095
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
parall jspdf to 4.2.0 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-400 The product does not properly control the allocation and maintenance of a limited resource.
CWE-770 The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability exists in the jsPDF library versions prior to 4.2.0, specifically in the addImage method and other affected methods like html. It occurs because user input controls the first argument of the addImage method without proper sanitization.

If an attacker provides a harmful GIF file with very large width and/or height values in its headers, this causes the library to allocate excessive memory, leading to out of memory errors and denial of service.

The issue has been fixed in jsPDF version 4.2.0. Until then, the recommended workaround is to sanitize image data or URLs before passing them to the addImage or other affected methods.


How can this vulnerability impact me? :

This vulnerability can lead to a denial of service condition in applications using vulnerable versions of jsPDF.

By passing specially crafted harmful GIF files with large dimensions, an attacker can cause the application to consume excessive memory, potentially crashing or becoming unresponsive.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:

I don't know


How can this vulnerability be detected on my network or system? Can you suggest some commands?

I don't know


What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability, upgrade jsPDF to version 4.2.0 or later where the issue is fixed.

As a workaround, sanitize image data or URLs before passing them to the addImage method or other affected methods such as html.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart