Lucene search
+L

8 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Pandoc

Pandoc is a Haskell library for converting between different markup formats, as well as a command-line tool that utilizes this library. Starting from version 1.13 and before version 3.1.4, Pandoc was vulnerable to a file-write vulnerability. This vulnerability could be exploited by including a...

6.1CVSS5.8AI score0.00368EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2024/03/30 12:0 a.m.22 views

Fedora 38 : ghc-base64 / ghc-hakyll / gitit / pandoc / patat (2024-6ad6b9f417)

The remote Fedora 38 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2024-6ad6b9f417 advisory. Security fix for CVE-2023-35936 and CVE-2023-38745 - pandoc: backport fixes for CVE-2023-35936 and CVE-2023-38745 - base64 now packaged in Fedora...

6.3CVSS6AI score0.00368EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2023/07/27 2:54 p.m.36 views

CVE-2023-35936

An arbitrary file write vulnerability was found in Haskell's Pandoc. This issue can be triggered by providing a specially crafted image element in the input when generating files using the --extract-media option or outputting to PDF format. This may allow an attacker to create or overwrite...

5CVSS5.5AI score0.00368EPSS
Exploits1References4
OSV
OSV
added 2023/07/25 4:15 a.m.5 views

UBUNTU-CVE-2023-38745

Pandoc before 3.1.6 allows arbitrary file write: this can be triggered by providing a crafted image element in the input when generating files via the --extract-media option or outputting to PDF format. This allows an attacker to create or overwrite arbitrary files, depending on the privileges of...

6.3CVSS6.4AI score0.00247EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2023/07/25 12:0 a.m.21 views

Debian dla-3507 : libghc-pandoc-dev - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3507 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3507-1 [email protected]...

6.3CVSS6.3AI score0.00368EPSS
Exploits1References6
CVE
CVE
added 2023/07/25 12:0 a.m.105 views

CVE-2023-38745

Pandoc-era vulnerability set affects Pandoc up to 3.1.6. CVE-2023-38745: before 3.1.6, an arbitrary file write is possible when processing crafted image elements with --extract-media or PDF output, depending on process privileges. Root cause ties to an incomplete/adjusted handling of paths and do...

6.3CVSS5.7AI score0.00247EPSS
Exploits0References8Affected Software1
SUSE CVE
SUSE CVE
added 2023/07/07 2:18 a.m.4 views

SUSE CVE-2023-35936

Pandoc is a Haskell library for converting from one markup format to another, and a command-line tool that uses this library. Starting in version 1.13 and prior to version 3.1.4, Pandoc is susceptible to an arbitrary file write vulnerability, which can be triggered by providing a specially crafte...

5.3CVSS7.4AI score0.00368EPSS
Exploits1References4
OSV
OSV
added 2023/07/05 9:15 p.m.3 views

UBUNTU-CVE-2023-35936

Pandoc is a Haskell library for converting from one markup format to another, and a command-line tool that uses this library. Starting in version 1.13 and prior to version 3.1.4, Pandoc is susceptible to an arbitrary file write vulnerability, which can be triggered by providing a specially crafte...

6.1CVSS6.4AI score0.00368EPSS
Exploits1References3
Rows per page
Query Builder