Lucene search
+L

11 matches found

euvd
euvd
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-21134

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00609EPSS
Exploits1References5
redhatcve
redhatcve
added 2025/07/13 12:39 a.m.7 views

CVE-2025-51591

A Server-Side Request Forgery SSRF flaw has been discovered in Pandoc. Maliciously crafted input can inject an iframe into pdf output. Mitigation When ingesting untrusted input users are advised to Pandoc's --sandbox option...

6.5CVSS6.3AI score0.00609EPSS
Exploits1References7
susecve
susecve
added 2025/07/11 11:21 p.m.4 views

SUSE CVE-2025-51591

A Server-Side Request Forgery SSRF in JGM Pandoc v3.6.4 allows attackers to gain access to and compromise the whole infrastructure via injecting a crafted iframe. Note: Some users have stated that Pandoc by default can retrieve and parse untrusted HTML content which can enable SSRF vulnerabilitie...

3.7CVSS7.1AI score0.00609EPSS
Exploits1References3
nvd
nvd
added 2025/07/11 2:15 p.m.7 views

CVE-2025-51591

A Server-Side Request Forgery SSRF in JGM Pandoc v3.6.4 allows attackers to gain access to and compromise the whole infrastructure via injecting a crafted iframe. Note: Some users have stated that Pandoc by default can retrieve and parse untrusted HTML content which can enable SSRF vulnerabilitie...

3.7CVSS0.00609EPSS
Exploits1References11
osv
osv
added 2025/07/11 2:15 p.m.1 views

DEBIAN-CVE-2025-51591

A Server-Side Request Forgery SSRF in JGM Pandoc v3.6.4 allows attackers to gain access to and compromise the whole infrastructure via injecting a crafted iframe. Note: Some users have stated that Pandoc by default can retrieve and parse untrusted HTML content which can enable SSRF vulnerabilitie...

3.7CVSS5.8AI score0.00609EPSS
Exploits1References1
cvelist
cvelist
added 2025/07/11 12:0 a.m.15 views

CVE-2025-51591

A Server-Side Request Forgery SSRF in JGM Pandoc v3.6.4 allows attackers to gain access to and compromise the whole infrastructure via injecting a crafted iframe. Note: Some users have stated that Pandoc by default can retrieve and parse untrusted HTML content which can enable SSRF vulnerabilitie...

0.00609EPSS
Exploits1References7
cve
cve
added 2025/07/11 12:0 a.m.70 views

CVE-2025-51591

The CVE-2025-51591 SSRF flaw affects Pandoc, reportedly in v3.6.4, allowing an attacker to access the internal infrastructure via a crafted iframe injection. Public sources describe that Pandoc can retrieve and parse untrusted HTML content, enabling SSRF, with mitigations including using the --sa...

3.7CVSS6.6AI score0.00609EPSS
In wildExploits1References11
vulnrichment
vulnrichment
added 2025/07/11 12:0 a.m.2 views

CVE-2025-51591

A Server-Side Request Forgery SSRF in JGM Pandoc v3.6.4 allows attackers to gain access to and compromise the whole infrastructure via injecting a crafted iframe. Note: Some users have stated that Pandoc by default can retrieve and parse untrusted HTML content which can enable SSRF vulnerabilitie...

6.6AI score0.00609EPSS
Exploits1References7
ptsecurity
ptsecurity
added 2025/07/11 12:0 a.m.5 views

PT-2025-29230

Name of the Vulnerable Software and Affected Versions JGM Pandoc version 3.6.4 Description A Server-Side Request Forgery SSRF issue exists in JGM Pandoc version 3.6.4. This flaw allows attackers to potentially compromise the entire infrastructure by injecting a crafted iframe. Reports indicate...

6.1CVSS5.7AI score0.00609EPSS
Exploits1References75
debiancve
debiancve
added 2025/07/11 12:0 a.m.7 views

CVE-2025-51591

A Server-Side Request Forgery SSRF in JGM Pandoc v3.6.4 allows attackers to gain access to and compromise the whole infrastructure via injecting a crafted iframe. Note: Some users have stated that Pandoc by default can retrieve and parse untrusted HTML content which can enable SSRF vulnerabilitie...

3.7CVSS5.8AI score0.00609EPSS
Exploits1
osv
osv
added 2025/07/11 12:0 a.m.5 views

CVE-2025-51591

A Server-Side Request Forgery SSRF in JGM Pandoc v3.6.4 allows attackers to gain access to and compromise the whole infrastructure via injecting a crafted iframe. Note: Some users have stated that Pandoc by default can retrieve and parse untrusted HTML content which can enable SSRF vulnerabilitie...

3.7CVSS7AI score0.00609EPSS
Exploits1References13
Rows per page
Query Builder