Skip to main content

Pandoc

2 CVEs product

Monthly

CVE-2023-38745 MEDIUM PATCH This Month

Pandoc before 3.1.6 allows arbitrary file write: this can be triggered by providing a crafted image element in the input when generating files via the --extract-media option or outputting to PDF. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required.

RCE Pandoc Debian Linux
NVD GitHub
CVSS 3.1
6.3
EPSS
0.2%
CVE-2023-35936 MEDIUM POC This Month

Pandoc is a Haskell library for converting from one markup format to another, and a command-line tool that uses this library. Rated medium severity (CVSS 5.0). Public exploit code available and no vendor patch available.

RCE Pandoc Debian Linux
NVD GitHub
CVSS 3.1
5.0
EPSS
0.4%
EPSS 0% CVSS 6.3
MEDIUM PATCH This Month

Pandoc before 3.1.6 allows arbitrary file write: this can be triggered by providing a crafted image element in the input when generating files via the --extract-media option or outputting to PDF. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required.

RCE Pandoc Debian Linux
NVD GitHub
EPSS 0% CVSS 5.0
MEDIUM POC This Month

Pandoc is a Haskell library for converting from one markup format to another, and a command-line tool that uses this library. Rated medium severity (CVSS 5.0). Public exploit code available and no vendor patch available.

RCE Pandoc Debian Linux
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy