Lucene search
+L

11 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-21134

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00609EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/07/13 12:39 a.m.7 views

CVE-2025-51591

A Server-Side Request Forgery SSRF flaw has been discovered in Pandoc. Maliciously crafted input can inject an iframe into pdf output. Mitigation When ingesting untrusted input users are advised to Pandoc's --sandbox option...

6.5CVSS6.3AI score0.00609EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2025/07/11 11:21 p.m.6 views

SUSE CVE-2025-51591

A Server-Side Request Forgery SSRF in JGM Pandoc v3.6.4 allows attackers to gain access to and compromise the whole infrastructure via injecting a crafted iframe. Note: Some users have stated that Pandoc by default can retrieve and parse untrusted HTML content which can enable SSRF vulnerabilitie...

3.7CVSS7.1AI score0.00609EPSS
Exploits1References3
NVD
NVD
added 2025/07/11 2:15 p.m.7 views

CVE-2025-51591

A Server-Side Request Forgery SSRF in JGM Pandoc v3.6.4 allows attackers to gain access to and compromise the whole infrastructure via injecting a crafted iframe. Note: Some users have stated that Pandoc by default can retrieve and parse untrusted HTML content which can enable SSRF vulnerabilitie...

3.7CVSS0.00609EPSS
Exploits1References11
OSV
OSV
added 2025/07/11 2:15 p.m.1 views

DEBIAN-CVE-2025-51591

A Server-Side Request Forgery SSRF in JGM Pandoc v3.6.4 allows attackers to gain access to and compromise the whole infrastructure via injecting a crafted iframe. Note: Some users have stated that Pandoc by default can retrieve and parse untrusted HTML content which can enable SSRF vulnerabilitie...

3.7CVSS5.8AI score0.00609EPSS
Exploits1References1
CVE
CVE
added 2025/07/11 12:0 a.m.70 views

CVE-2025-51591

The CVE-2025-51591 SSRF flaw affects Pandoc, reportedly in v3.6.4, allowing an attacker to access the internal infrastructure via a crafted iframe injection. Public sources describe that Pandoc can retrieve and parse untrusted HTML content, enabling SSRF, with mitigations including using the --sa...

3.7CVSS6.6AI score0.00609EPSS
In wildExploits1References11
Vulnrichment
Vulnrichment
added 2025/07/11 12:0 a.m.2 views

CVE-2025-51591

A Server-Side Request Forgery SSRF in JGM Pandoc v3.6.4 allows attackers to gain access to and compromise the whole infrastructure via injecting a crafted iframe. Note: Some users have stated that Pandoc by default can retrieve and parse untrusted HTML content which can enable SSRF vulnerabilitie...

6.6AI score0.00609EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2025/07/11 12:0 a.m.6 views

PT-2025-29230

Name of the Vulnerable Software and Affected Versions JGM Pandoc version 3.6.4 Description A Server-Side Request Forgery SSRF issue exists in JGM Pandoc version 3.6.4. This flaw allows attackers to potentially compromise the entire infrastructure by injecting a crafted iframe. Reports indicate...

6.1CVSS5.7AI score0.00609EPSS
Exploits1References75
Debian CVE
Debian CVE
added 2025/07/11 12:0 a.m.8 views

CVE-2025-51591

A Server-Side Request Forgery SSRF in JGM Pandoc v3.6.4 allows attackers to gain access to and compromise the whole infrastructure via injecting a crafted iframe. Note: Some users have stated that Pandoc by default can retrieve and parse untrusted HTML content which can enable SSRF vulnerabilitie...

3.7CVSS5.8AI score0.00609EPSS
Exploits1
OSV
OSV
added 2025/07/11 12:0 a.m.5 views

CVE-2025-51591

A Server-Side Request Forgery SSRF in JGM Pandoc v3.6.4 allows attackers to gain access to and compromise the whole infrastructure via injecting a crafted iframe. Note: Some users have stated that Pandoc by default can retrieve and parse untrusted HTML content which can enable SSRF vulnerabilitie...

3.7CVSS7AI score0.00609EPSS
Exploits1References13
Cvelist
Cvelist
added 2025/07/11 12:0 a.m.18 views

CVE-2025-51591

A Server-Side Request Forgery SSRF in JGM Pandoc v3.6.4 allows attackers to gain access to and compromise the whole infrastructure via injecting a crafted iframe. Note: Some users have stated that Pandoc by default can retrieve and parse untrusted HTML content which can enable SSRF vulnerabilitie...

0.00609EPSS
Exploits1References7
Rows per page
Query Builder