CVE-2024-4367 – Arbitrary JavaScript execution in PDF.js

I do not know if Obsidian is effected by this and wanted the Obsidian team to be aware of the vulnerability.

1 Like

thank you we are aware of that.

This public proof-of-concept shows Obsidian is affected, (the second screenshot is of Obsidian)

the fix for this is in 1.6.1

2 Likes