Lucene search
K

8 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Pandoc

Pandoc is a Haskell library for converting between different markup formats, as well as a command-line tool that utilizes this library. Starting from version 1.13 and before version 3.1.4, Pandoc was vulnerable to a file-write vulnerability. This vulnerability could be exploited by including a...

6.1CVSS5.8AI score0.00368EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2024/03/30 12:0 a.m.22 views

Fedora 38 : ghc-base64 / ghc-hakyll / gitit / pandoc / patat (2024-6ad6b9f417)

The remote Fedora 38 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2024-6ad6b9f417 advisory. Security fix for CVE-2023-35936 and CVE-2023-38745 - pandoc: backport fixes for CVE-2023-35936 and CVE-2023-38745 - base64 now packaged in Fedora...

6.3CVSS6AI score0.00368EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2023/07/27 2:54 p.m.36 views

CVE-2023-35936

An arbitrary file write vulnerability was found in Haskell's Pandoc. This issue can be triggered by providing a specially crafted image element in the input when generating files using the --extract-media option or outputting to PDF format. This may allow an attacker to create or overwrite...

5CVSS5.5AI score0.00368EPSS
Exploits1References4
OSV
OSV
added 2023/07/25 4:15 a.m.4 views

UBUNTU-CVE-2023-38745

Pandoc before 3.1.6 allows arbitrary file write: this can be triggered by providing a crafted image element in the input when generating files via the --extract-media option or outputting to PDF format. This allows an attacker to create or overwrite arbitrary files, depending on the privileges of...

6.3CVSS6.4AI score0.00247EPSS
Exploits0References6
CVE
CVE
added 2023/07/25 12:0 a.m.104 views

CVE-2023-38745

Pandoc-era vulnerability set affects Pandoc up to 3.1.6. CVE-2023-38745: before 3.1.6, an arbitrary file write is possible when processing crafted image elements with --extract-media or PDF output, depending on process privileges. Root cause ties to an incomplete/adjusted handling of paths and do...

6.3CVSS5.7AI score0.00247EPSS
Exploits0References8Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/07/25 12:0 a.m.21 views

Debian dla-3507 : libghc-pandoc-dev - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3507 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3507-1 [email protected]...

6.3CVSS6.3AI score0.00368EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2023/07/07 2:18 a.m.4 views

SUSE CVE-2023-35936

Pandoc is a Haskell library for converting from one markup format to another, and a command-line tool that uses this library. Starting in version 1.13 and prior to version 3.1.4, Pandoc is susceptible to an arbitrary file write vulnerability, which can be triggered by providing a specially crafte...

5.3CVSS7.4AI score0.00368EPSS
Exploits1References4
OSV
OSV
added 2023/07/05 9:15 p.m.2 views

UBUNTU-CVE-2023-35936

Pandoc is a Haskell library for converting from one markup format to another, and a command-line tool that uses this library. Starting in version 1.13 and prior to version 3.1.4, Pandoc is susceptible to an arbitrary file write vulnerability, which can be triggered by providing a specially crafte...

6.1CVSS6.4AI score0.00368EPSS
Exploits1References3
Rows per page
Query Builder