Nodepdf Project Nodepdf — known CVE vulnerabilities
Every CVE whose affected-product data names Nodepdf Project Nodepdf, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (1)
CVE-2016-4991 — CVSS 9.8 (critical): Input passed to the Pdf() function is shell escaped and passed to child_process.exec() during PDF rendering. However, the shell escape does…