4 matches found
CVE-2025-46568
Stirling-PDF is a locally hosted web application that allows you to perform various operations on PDF files. Prior to version 0.45.0, Stirling-PDF is vulnerable to SSRF-induced arbitrary file read. WeasyPrint redefines a set of HTML tags, including img, embed, object, and others. The references t...
CVE-2025-46568
creationtimestamp| type| source ---|---|--- 2025-05-01 20:00:50+00:00| published-proof-of-concept| Telegram/QFVP5TcYkEi5fC3DYhpbJ3tJ8sPusYmL1ImuYd1RRjGW6cE 2025-05-02 14:15:53+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/14487 2025-06-21 19:52:27+00:00| published-proof-of-concept|...
CVE-2025-46568 Stirling-PDF Server-Side Request Forgery (SSRF)-Induced Arbitrary File Read Vulnerability
Stirling-PDF is a locally hosted web application that allows you to perform various operations on PDF files. Prior to version 0.45.0, Stirling-PDF is vulnerable to SSRF-induced arbitrary file read. WeasyPrint redefines a set of HTML tags, including img, embed, object, and others. The references t...
CVE-2025-46568
CVE-2025-46568 affects Stirling-PDF prior to version 0.45.0. The vulnerability arises from SSRF-induced arbitrary file read due to WeasyPrint redefining HTML tags (e.g., img, embed, object). References to internal files allow attaching content from any webpage or local file to a PDF, enabling an ...