VYPR
Vendor

Pandoc

Products
1
CVEs
2
Across products
2
Status
Private

Products

1

Recent CVEs

2
  • CVE-2023-35936MedJul 5, 2023
    risk 0.40cvss 6.1epss 0.00

    Pandoc is a Haskell library for converting from one markup format to another, and a command-line tool that uses this library. Starting in version 1.13 and prior to version 3.1.4, Pandoc is susceptible to an arbitrary file write vulnerability, which can be triggered by providing…

  • CVE-2023-38745MedJul 25, 2023
    risk 0.00cvss 6.3epss 0.00

    Pandoc before 3.1.6 allows arbitrary file write: this can be triggered by providing a crafted image element in the input when generating files via the --extract-media option or outputting to PDF format. This allows an attacker to create or overwrite arbitrary files, depending on…