You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository was archived by the owner on Mar 25, 2026. It is now read-only.
CVE-2024-4367 is a critical vulnerability in the PDF.js library, which is used for rendering PDF files in web browsers. This vulnerability allows attackers to inject and execute arbitrary JavaScript code within a user’s browser, leading to a Cross-Site Scripting (XSS) attack.
Vulnerability: Arbitrary JavaScript execution when a malicious PDF file is opened.
To fix this vulnerability, we need to upgrade the latest version of PDFJS-DIst, which is currently not supported by react-pdf-viewer.
Please fix this and make it compatible with a newer version of PDFJS-Dist.
Please let me know if you have any questions about this. I would appreciate your help.
Hi Team,
There is Venerability in the PDFJS-Dist.
CVE Code: CVE-2024-4367
CVE-2024-4367 is a critical vulnerability in the PDF.js library, which is used for rendering PDF files in web browsers. This vulnerability allows attackers to inject and execute arbitrary JavaScript code within a user’s browser, leading to a Cross-Site Scripting (XSS) attack.
Vulnerability: Arbitrary JavaScript execution when a malicious PDF file is opened.
To fix this vulnerability, we need to upgrade the latest version of PDFJS-DIst, which is currently not supported by react-pdf-viewer.
Please fix this and make it compatible with a newer version of PDFJS-Dist.
Please let me know if you have any questions about this. I would appreciate your help.