CVE-2020-8132: Improper Input Validation and Code Injection in pdf-image

Severity: Critical

CVSS Score: 9.8

Lack of input validation in pdf-image npm package version <= 2.0.0 may allow an attacker to run arbitrary code if PDF file path is constructed based on untrusted user input.