{
  "threat_severity" : "Moderate",
  "public_date" : "2026-02-02T20:34:50Z",
  "bugzilla" : {
    "description" : "jsPDF: jsPDF: PDF integrity compromised via arbitrary XML injection in addMetadata function",
    "id" : "2436149",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2436149"
  },
  "cvss3" : {
    "cvss3_base_score" : "5.8",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
    "status" : "draft"
  },
  "cwe" : "CWE-91",
  "details" : [ "jsPDF is a library to generate PDFs in JavaScript. Prior to 4.1.0, user control of the first argument of the addMetadata function allows users to inject arbitrary XML. If given the possibility to pass unsanitized input to the addMetadata method, a user can inject arbitrary XMP metadata into the generated PDF. If the generated PDF is signed, stored or otherwise processed after, the integrity of the PDF can no longer be guaranteed. The vulnerability has been fixed in jsPDF@4.1.0.", "A flaw was found in jsPDF, a JavaScript library for generating PDFs. A remote attacker can inject arbitrary Extensible Metadata Platform (XMP) metadata into a generated PDF by providing unsanitized input to the `addMetadata` function. This XML injection vulnerability can compromise the integrity of the PDF, especially if the document is subsequently signed, stored, or processed." ],
  "statement" : "This MODERATE impact vulnerability in jsPDF allows for the injection of arbitrary XMP metadata into generated PDFs if unsanitized input is passed to the `addMetadata` function. This could compromise the integrity of PDFs processed by affected Red Hat Advanced Cluster Security components. Red Hat Advanced Cluster Security versions 4.8 and 4.9 are affected.",
  "package_state" : [ {
    "product_name" : "Red Hat Advanced Cluster Security 4",
    "fix_state" : "Fix deferred",
    "package_name" : "advanced-cluster-security/rhacs-central-db-rhel8",
    "cpe" : "cpe:/a:redhat:advanced_cluster_security:4"
  }, {
    "product_name" : "Red Hat Advanced Cluster Security 4",
    "fix_state" : "Fix deferred",
    "package_name" : "advanced-cluster-security/rhacs-main-rhel8",
    "cpe" : "cpe:/a:redhat:advanced_cluster_security:4"
  }, {
    "product_name" : "Red Hat Advanced Cluster Security 4",
    "fix_state" : "Fix deferred",
    "package_name" : "advanced-cluster-security/rhacs-rhel8-operator",
    "cpe" : "cpe:/a:redhat:advanced_cluster_security:4"
  }, {
    "product_name" : "Red Hat Advanced Cluster Security 4",
    "fix_state" : "Fix deferred",
    "package_name" : "advanced-cluster-security/rhacs-roxctl-rhel8",
    "cpe" : "cpe:/a:redhat:advanced_cluster_security:4"
  }, {
    "product_name" : "Red Hat Advanced Cluster Security 4",
    "fix_state" : "Fix deferred",
    "package_name" : "advanced-cluster-security/rhacs-scanner-v4-db-rhel8",
    "cpe" : "cpe:/a:redhat:advanced_cluster_security:4"
  }, {
    "product_name" : "Red Hat Advanced Cluster Security 4",
    "fix_state" : "Fix deferred",
    "package_name" : "advanced-cluster-security/rhacs-scanner-v4-rhel8",
    "cpe" : "cpe:/a:redhat:advanced_cluster_security:4"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2026-24043\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-24043\nhttps://github.com/parallax/jsPDF/commit/efe54bf50f3f5e5416b2495e3c24624fc80b6cff\nhttps://github.com/parallax/jsPDF/releases/tag/v4.1.0\nhttps://github.com/parallax/jsPDF/security/advisories/GHSA-vm32-vv63-w422" ],
  "name" : "CVE-2026-24043",
  "mitigation" : {
    "value" : "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
    "lang" : "en:us"
  },
  "csaw" : false
}