CNNVD-202511-2423 Information
CNNVD ID
CNNVD-202511-2423
Related CVE
- CNNVD Published: 2025-11-21
Description (Chinese)
Markdown To Pdf是德国Simon Hanisch个人开发者的一个简单且可破解的 Cli 工具。用于将 Markdown 转换为 pdf。 Markdown To Pdf 5.2.5之前版本存在代码注入漏洞,该漏洞源于Markdown前端块处理不当,可能导致远程代码执行。
Description (English)
Markdown To Pdf is a simple and decipherable Cli tool for German Simon Hanisch personal developers. To convert Markdown to pdf. The previous version of Markdown To Pdf 5.2.5 had a code injection loophole, which stemmed from the inappropriate handling of the Markdown front-end, which could lead to remote code implementation.
Hazard Level
Low
Vulnerability Type
代码注入
Affected Vendor
个人开发者
Published
2025-11-21
Last Modified
2026-02-24
References
https://github.com/simonhaenisch/md-to-pdf/commit/46bdcf2051c8d1758b391c1353185a179a47a4d9 https://github.com/simonhaenisch/md-to-pdf/security/advisories/GHSA-547r-qmjm-8hvw https://access.redhat.com/security/cve/cve-2025-65108
Patch
https://github.com/simonhaenisch/md-to-pdf/releases
Share on: