CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-3746

The pdfinfojs NPM module versions <= 0.3.6 has a command injection vulnerability that allows an attacker to execute arbitrary commands on the victim's machine.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.033

EPSS Ranking 86.6%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 10.0

References

Products affected by CVE-2018-3746

Pdfinfojs Project » Pdfinfojs » Version: 0.1.0

cpe:2.3:a:pdfinfojs_project:pdfinfojs:0.1.0
Pdfinfojs Project » Pdfinfojs » Version: 0.1.1

cpe:2.3:a:pdfinfojs_project:pdfinfojs:0.1.1
Pdfinfojs Project » Pdfinfojs » Version: 0.2.0

cpe:2.3:a:pdfinfojs_project:pdfinfojs:0.2.0
Pdfinfojs Project » Pdfinfojs » Version: 0.3.0

cpe:2.3:a:pdfinfojs_project:pdfinfojs:0.3.0
Pdfinfojs Project » Pdfinfojs » Version: 0.3.1

cpe:2.3:a:pdfinfojs_project:pdfinfojs:0.3.1
Pdfinfojs Project » Pdfinfojs » Version: 0.3.2

cpe:2.3:a:pdfinfojs_project:pdfinfojs:0.3.2
Pdfinfojs Project » Pdfinfojs » Version: 0.3.3

cpe:2.3:a:pdfinfojs_project:pdfinfojs:0.3.3
Pdfinfojs Project » Pdfinfojs » Version: 0.3.4

cpe:2.3:a:pdfinfojs_project:pdfinfojs:0.3.4
Pdfinfojs Project » Pdfinfojs » Version: 0.3.5

cpe:2.3:a:pdfinfojs_project:pdfinfojs:0.3.5
Pdfinfojs Project » Pdfinfojs » Version: 0.3.6

cpe:2.3:a:pdfinfojs_project:pdfinfojs:0.3.6

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-3746

Products

Pricing

Contact Us