6.1 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:H/A:L
0.001 Low
EPSS
Percentile
38.0%
An arbitrary file write vulnerability was found in Haskell’s Pandoc. This issue can be triggered by providing a specially crafted image element in the input when generating files using the --extract-media option or outputting to PDF format. This may allow an attacker to create or overwrite arbitrary files on the system, depending on the privileges of the process running pandoc.