Advisories for Npm/Pdf-Image package

A lack of input validation in pdf-image npm package version may allow an attacker to run arbitrary code if PDF file path is constructed based on untrusted user input.

Command injection exists in pdf-image due to an unescaped string parameter.