Closed pixiwyn closed 2 months ago
Link to notice concerning security vulnerability in pdfjs-dist affecting users of any version less recent than 4.2.67: https://vulert.com/vuln-db/CVE-2024-4367
Business Impact/Reason for Severity A PDF containing malicious JavaScript could actually execute code.
In which environment did you see this bug? All.
Expected Behavior Implement workaround, pdf functionality remains same.
Actual Behavior Security vulnerability.
Cause of Bug, If Known TBD
Product Owner
Engineering
test
experimental
For testing: upload court issued document, make sure it's searchable, and that it can be signed. Please try a variety of different PDFs. Note: Fillable forms weren't searchable prior to this ticket.
Related ticket: https://app.zenhub.com/workspaces/flexionef-cms-5bbe4bed4b5806bc2bec65d3/issues/gh/flexion/ef-cms/10300
Link to notice concerning security vulnerability in pdfjs-dist affecting users of any version less recent than 4.2.67: https://vulert.com/vuln-db/CVE-2024-4367
Business Impact/Reason for Severity A PDF containing malicious JavaScript could actually execute code.
In which environment did you see this bug? All.
Expected Behavior Implement workaround, pdf functionality remains same.
Actual Behavior Security vulnerability.
Cause of Bug, If Known TBD
Definition of Done (Updated 4-14-21)
Product Owner
Engineering
test
environment if prod-like data is required. Otherwise, deployed to anyexperimental
environment for review.