{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-24133", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-01-21T18:38:22.474Z", "datePublished": "2026-02-02T20:32:37.631Z", "dateUpdated": "2026-02-03T15:17:40.830Z"}, "containers": {"cna": {"title": "jsPDF Affected by Denial of Service (DoS) via Unvalidated BMP Dimensions in BMPDecoder", "problemTypes": [{"descriptions": [{"cweId": "CWE-770", "lang": "en", "description": "CWE-770: Allocation of Resources Without Limits or Throttling", "type": "CWE"}]}], "metrics": [{"cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "baseScore": 8.7, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "version": "4.0"}}], "references": [{"name": "https://github.com/parallax/jsPDF/security/advisories/GHSA-95fx-jjr5-f39c", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/parallax/jsPDF/security/advisories/GHSA-95fx-jjr5-f39c"}, {"name": "https://github.com/parallax/jsPDF/commit/ae4b93f76d8fc1baa5614bd5fdb5d174c3b85f0d", "tags": ["x_refsource_MISC"], "url": "https://github.com/parallax/jsPDF/commit/ae4b93f76d8fc1baa5614bd5fdb5d174c3b85f0d"}, {"name": "https://github.com/parallax/jsPDF/releases/tag/v4.1.0", "tags": ["x_refsource_MISC"], "url": "https://github.com/parallax/jsPDF/releases/tag/v4.1.0"}], "affected": [{"vendor": "parallax", "product": "jsPDF", "versions": [{"version": "< 4.1.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-02-02T20:33:35.357Z"}, "descriptions": [{"lang": "en", "value": "jsPDF is a library to generate PDFs in JavaScript. Prior to 4.1.0, user control of the first argument of the addImage method results in denial of service. If given the possibility to pass unsanitized image data or URLs to the addImage method, a user can provide a harmful BMP file that results in out of memory errors and denial of service. Harmful BMP files have large width and/or height entries in their headers, which lead to excessive memory allocation. The html method is also affected. The vulnerability has been fixed in jsPDF@4.1.0."}], "source": {"advisory": "GHSA-95fx-jjr5-f39c", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-03T15:16:10.492386Z", "id": "CVE-2026-24133", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-03T15:17:40.830Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-24133", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-03T15:16:10.492386Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-03T15:17:35.742Z"}}], "cna": {"title": "jsPDF Affected by Denial of Service (DoS) via Unvalidated BMP Dimensions in BMPDecoder", "source": {"advisory": "GHSA-95fx-jjr5-f39c", "discovery": "UNKNOWN"}, "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 8.7, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE"}}], "affected": [{"vendor": "parallax", "product": "jsPDF", "versions": [{"status": "affected", "version": "< 4.1.0"}]}], "references": [{"url": "https://github.com/parallax/jsPDF/security/advisories/GHSA-95fx-jjr5-f39c", "name": "https://github.com/parallax/jsPDF/security/advisories/GHSA-95fx-jjr5-f39c", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/parallax/jsPDF/commit/ae4b93f76d8fc1baa5614bd5fdb5d174c3b85f0d", "name": "https://github.com/parallax/jsPDF/commit/ae4b93f76d8fc1baa5614bd5fdb5d174c3b85f0d", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/parallax/jsPDF/releases/tag/v4.1.0", "name": "https://github.com/parallax/jsPDF/releases/tag/v4.1.0", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "jsPDF is a library to generate PDFs in JavaScript. Prior to 4.1.0, user control of the first argument of the addImage method results in denial of service. If given the possibility to pass unsanitized image data or URLs to the addImage method, a user can provide a harmful BMP file that results in out of memory errors and denial of service. Harmful BMP files have large width and/or height entries in their headers, which lead to excessive memory allocation. The html method is also affected. The vulnerability has been fixed in jsPDF@4.1.0."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-770", "description": "CWE-770: Allocation of Resources Without Limits or Throttling"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-02-02T20:33:35.357Z"}}}, "cveMetadata": {"cveId": "CVE-2026-24133", "state": "PUBLISHED", "dateUpdated": "2026-02-03T15:17:40.830Z", "dateReserved": "2026-01-21T18:38:22.474Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-02-02T20:32:37.631Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "jsPDF is a library to generate PDFs in JavaScript. Prior to 4.1.0, user control of the first argument of the addImage method results in denial of service. If given the possibility to pass unsanitized image data or URLs to the addImage method, a user can provide a harmful BMP file that results in out of memory errors and denial of service. Harmful BMP files have large width and/or height entries in their headers, which lead to excessive memory allocation. The html method is also affected. The vulnerability has been fixed in jsPDF@4.1.0."}], "id": "CVE-2026-24133", "lastModified": "2026-02-03T16:44:03.343", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.7, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-02-02T23:16:08.123", "references": [{"source": "security-advisories@github.com", "url": "https://github.com/parallax/jsPDF/commit/ae4b93f76d8fc1baa5614bd5fdb5d174c3b85f0d"}, {"source": "security-advisories@github.com", "url": "https://github.com/parallax/jsPDF/releases/tag/v4.1.0"}, {"source": "security-advisories@github.com", "url": "https://github.com/parallax/jsPDF/security/advisories/GHSA-95fx-jjr5-f39c"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-770"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{"bugzilla": {"description": "jsPDF: jsPDF: Denial of Service due to excessive memory allocation from crafted BMP images", "id": "2436135", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436135"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-1285", "details": ["jsPDF is a library to generate PDFs in JavaScript. Prior to 4.1.0, user control of the first argument of the addImage method results in denial of service. If given the possibility to pass unsanitized image data or URLs to the addImage method, a user can provide a harmful BMP file that results in out of memory errors and denial of service. Harmful BMP files have large width and/or height entries in their headers, which lead to excessive memory allocation. The html method is also affected. The vulnerability has been fixed in jsPDF@4.1.0.", "A flaw was found in jsPDF. A remote attacker can exploit this vulnerability by providing specially crafted BMP image data or URLs to the addImage or html methods. This can cause the application to allocate excessive memory, leading to an out-of-memory error and a denial of service (DoS)."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."}, "name": "CVE-2026-24133", "package_state": [{"cpe": "cpe:/a:redhat:advanced_cluster_security:4", "fix_state": "Fix deferred", "package_name": "advanced-cluster-security/rhacs-central-db-rhel8", "product_name": "Red Hat Advanced Cluster Security 4"}, {"cpe": "cpe:/a:redhat:advanced_cluster_security:4", "fix_state": "Fix deferred", "package_name": "advanced-cluster-security/rhacs-main-rhel8", "product_name": "Red Hat Advanced Cluster Security 4"}, {"cpe": "cpe:/a:redhat:advanced_cluster_security:4", "fix_state": "Fix deferred", "package_name": "advanced-cluster-security/rhacs-rhel8-operator", "product_name": "Red Hat Advanced Cluster Security 4"}, {"cpe": "cpe:/a:redhat:advanced_cluster_security:4", "fix_state": "Fix deferred", "package_name": "advanced-cluster-security/rhacs-roxctl-rhel8", "product_name": "Red Hat Advanced Cluster Security 4"}, {"cpe": "cpe:/a:redhat:advanced_cluster_security:4", "fix_state": "Fix deferred", "package_name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8", "product_name": "Red Hat Advanced Cluster Security 4"}, {"cpe": "cpe:/a:redhat:advanced_cluster_security:4", "fix_state": "Fix deferred", "package_name": "advanced-cluster-security/rhacs-scanner-v4-rhel8", "product_name": "Red Hat Advanced Cluster Security 4"}], "public_date": "2026-02-02T20:32:37Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-24133\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-24133\nhttps://github.com/parallax/jsPDF/commit/ae4b93f76d8fc1baa5614bd5fdb5d174c3b85f0d\nhttps://github.com/parallax/jsPDF/releases/tag/v4.1.0\nhttps://github.com/parallax/jsPDF/security/advisories/GHSA-95fx-jjr5-f39c"], "statement": "This MODERATE impact flaw in the jsPDF library, affecting Red Hat Advanced Cluster Security, allows a remote attacker to trigger a denial of service. By providing specially crafted BMP image data or URLs to the `addImage` or `html` methods, an attacker can cause the application to consume excessive memory, leading to an out-of-memory error.", "threat_severity": "Moderate"}