VYPR
Vendor

Jgm

Products
4
CVEs
5
Across products
5
Status
Private

Products

4

Recent CVEs

5
  • CVE-2020-25821HigSep 23, 2020
    risk 0.49cvss 7.5epss 0.01

    peg-markdown 0.4.14 has a NULL pointer dereference in process_raw_blocks in markdown_lib.c. NOTE: This vulnerability only affects products that are no longer supported by the maintainer

  • CVE-2018-20453MedDec 25, 2018
    risk 0.42cvss 6.5epss 0.01

    The getlong function in numutils.c in libdoc through 2017-10-23 has a heap-based buffer over-read that allows attackers to cause a denial of service (application crash) via a crafted file.

  • CVE-2023-35936MedJul 5, 2023
    risk 0.40cvss 6.1epss 0.00

    Pandoc is a Haskell library for converting from one markup format to another, and a command-line tool that uses this library. Starting in version 1.13 and prior to version 3.1.4, Pandoc is susceptible to an arbitrary file write vulnerability, which can be triggered by providing…

  • CVE-2025-51591LowJul 11, 2025
    risk 0.17cvss 3.7epss 0.01

    A Server-Side Request Forgery (SSRF) in JGM Pandoc v3.6.4 allows attackers to gain access to and compromise the whole infrastructure via injecting a crafted iframe. Note: Some users have stated that Pandoc by default can retrieve and parse untrusted HTML content which can enable…

  • CVE-2021-38711HigAug 16, 2021
    risk 0.00cvss 7.5epss 0.01

    In gitit before 0.15.0.0, the Export feature can be exploited to leak information from files.