EPSS
Percentile
78.9%
Lack of input validation in pdf-image npm package version <= 2.0.0 may allow an attacker to run arbitrary code if PDF file path is constructed based on untrusted user input.
hackerone.com/reports/781664
nvd.nist.gov/vuln/detail/CVE-2020-8132