Описание
Stirling-PDF is a locally hosted web application that performs various operations on PDF files. Prior to version 1.1.0, when using the /api/v1/convert/markdown/pdf endpoint to convert Markdown to PDF, the backend calls a third-party tool to process it and includes a sanitizer for security sanitization which can be bypassed and result in SSRF. This issue has been patched in version 1.1.0.
Уязвимые конфигурации
Конфигурация 1Версия до 1.1.0 (исключая)
cpe:2.3:a:stirlingpdf:stirling_pdf:*:*:*:*:*:*:*:*
EPSS
Процентиль: 85%
0.02417
Низкий
8.6 High
CVSS3
9.8 Critical
CVSS3
Дефекты
CWE-918
EPSS
Процентиль: 85%
0.02417
Низкий
8.6 High
CVSS3
9.8 Critical
CVSS3
Дефекты
CWE-918