CNNVD-202508-972 Information
CNNVD ID
CNNVD-202508-972
Related CVE
- CNNVD Published: 2025-08-11
Description (Chinese)
Stirling-PDF是Stirling Tools开源的一个使用 Docker 的强大、本地托管的基于 Web 的 PDF 操作工具。 Stirling-PDF 1.1.0之前版本存在代码问题漏洞,该漏洞源于文件转PDF功能中LibreOffice的unoconvert工具存在服务端请求伪造漏洞。
Description (English)
Stirling-PDF is a powerful, locally hosted Web-based PDF operating tool using Docker as an open source for Stirling Tools. There was a code problem loophole in the pre-Stirling-PDF 1.1.0 version, which resulted from the unoconvert tool of LibreOffice in the file-to-PDF function, where the service requested a false bug.
Hazard Level
Medium
Vulnerability Type
代码问题
Affected Vendor
Stirling Tools
Published
2025-08-11
Last Modified
2026-02-24
References
https://github.com/Stirling-Tools/Stirling-PDF/commit/7d6b70871bad2a3ff810825f7382c49f55293943 https://github.com/Stirling-Tools/Stirling-PDF/security/advisories/GHSA-76hv-h7g2-xfv3 https://access.redhat.com/security/cve/cve-2025-55151
Patch
https://github.com/Stirling-Tools/Stirling-PDF/releases
Share on: