Description
This package is working as intended. A Security section has been added since v0.6.1 to detail proper usage of this library. Npm has revoked their advisory altogether.
Recommendation
Update the html-pdf-chrome package to the latest compatible version. Followings are version details:
- Affected version(s): < 0.6.1
- Patched version(s): 0.6.1
References
Related Issues
- counterpart vulnerable to prototype pollution - CVE-2025-57354
- Parse Server has an OAuth login vulnerability - CVE-2025-30168
- Use of Insufficiently Random Values in undici - CVE-2025-22150
- SummerNote Cross Site Scripting Vulnerability - CVE-2024-37629
- Tags:
- npm
- html-pdf-chrome
Anything's wrong? Let us know Last updated on January 11, 2023