CVE-2025-51591
Published: 2025-07-11
CVE-2025-51591: A Server-Side Request Forgery (SSRF) in JGM Pandoc v3.6.4 allows attackers to gain access to and compromise the whole infrastructure via injecting a crafted…
Priority: P2 · 76 · low · CVSS 3.1 base score 3.7
CVSS vector: AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Tags: ITW EXPLOIT · VulnCheck KEV · Exploited in the wild
EPSS: 0.63% (45.7th percentile)
A Server-Side Request Forgery (SSRF) in JGM Pandoc v3.6.4 allows attackers to gain access to and compromise the whole infrastructure via injecting a crafted iframe. Note: Some users have stated that Pandoc by default can retrieve and parse untrusted HTML content which can enable SSRF vulnerabilities. Using the ‘--sandbox’ option or ‘pandoc-server’ can mitigate such vulnerabilities. Using pandoc with an external ‘--pdf-engine’ can also enable SSRF vulnerabilities, such as CVE-2022-35583 in wkhtmltopdf.
Affected
1 range
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | pandoc | — | — |
Detection & IOCs (extracted from sources)
- Detect pandoc process making outbound HTTP requests to the IMDS link-local address (169.254.169.254), particularly to IAM credential paths — this is anomalous and indicative of SSRF exploitation via crafted iframe injection.
- Hunt for HTML input documents submitted to pandoc containing <iframe> or <img> src attributes pointing to 169.254.169.254 or other internal/private IP ranges — this is the attacker's delivery mechanism for the SSRF.
- Flag pandoc invocations that lack the '--sandbox' flag or 'raw_html' flag when processing untrusted HTML input, as these are the recommended mitigations against this SSRF vector.
- Monitor for pandoc accessing sensitive IMDS paths such as /latest/meta-data/iam/info and /latest/meta-data/iam/security-credentials/ — these are high-value attacker targets for credential harvesting.
- Enforce IMDSv2 on all EC2 instances to neutralize iframe-based SSRF attempts from pandoc; IMDSv1 environments are at high risk of credential compromise from this attack pattern.
- IMDSv1 environments are fully exploitable by this attack; IMDSv2 enforcement blocks the stateless GET requests made by iframe src attributes, effectively mitigating cloud credential theft via this vector.
- Even with IMDSv2 blocking cloud credential access, the attacker can still reach other internal servers via the SSRF — the blast radius is not fully contained by IMDSv2 alone.
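As an added example (not code from the advisory, the vendors or the pandoc project), the following Python pre-flight check implements the hunting guidance above: it collects the src/data attributes of tags a renderer would fetch (the tag set, function names and sample document are assumptions), classifies each target as the IMDS address, an internal range, a local path or external, and separately reports pandoc command lines that run without `--sandbox`.

```python
import ipaddress
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Attributes that make a renderer (pandoc itself or a --pdf-engine) fetch a URL.
FETCHING_ATTRS = {"iframe": "src", "img": "src", "embed": "src", "object": "data"}
IMDS_ADDRESS = ipaddress.ip_address("169.254.169.254")  # link-local IMDS endpoint

class SrcCollector(HTMLParser):
    """Collects (tag, url) pairs for attributes that trigger a fetch."""
    def __init__(self):
        super().__init__()
        self.urls = []

    def handle_starttag(self, tag, attrs):
        wanted = FETCHING_ATTRS.get(tag)
        for name, value in attrs:
            if name == wanted and value:
                self.urls.append((tag, value))

def classify_target(url):
    """'imds', 'internal', 'local' (relative path) or 'external' for a URL's host."""
    host = urlsplit(url).hostname
    if host is None:
        return "local"  # relative reference: resolved on the converting host's disk
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        return "external"  # DNS name: would need resolution to judge, not done here
    if addr == IMDS_ADDRESS:
        return "imds"
    if addr.is_private or addr.is_link_local or addr.is_loopback:
        return "internal"
    return "external"

def scan_html(document):
    """Return (tag, url, kind) for every fetch target that is not external."""
    collector = SrcCollector()
    collector.feed(document)
    found = [(tag, url, classify_target(url)) for tag, url in collector.urls]
    return [f for f in found if f[2] != "external"]

def unsandboxed_pandoc(argv):
    """True when a pandoc command line runs without the --sandbox mitigation."""
    return bool(argv) and argv[0].endswith("pandoc") and "--sandbox" not in argv

# Constructed sample resembling the delivery vector described in the IoCs.
SAMPLE = ('<p>report</p><img src="https://example.test/logo.png">'
          '<iframe src="http://169.254.169.254/latest/meta-data/iam/info"></iframe>'
          '<img src="http://10.0.0.5/internal">')
```

Hostnames are deliberately left unresolved so the check stays offline; a production version would resolve them and classify the resulting addresses the same way.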
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 3.1 | 3.7 | LOW | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N |
| osv | — | 9.8 | CRITICAL | — |
| vulncheck | — | 9.8 | CRITICAL | — |
| vendor_debian | — | 9.8 | LOW | — |
| vendor_redhat | — | 9.8 | CRITICAL | — |
Red Hat
CVE-2025-51591 [CRITICAL] CWE-918 · pandoc: Server-Side Request Forgery in Pandoc
vendor_redhat · 2025-07-11 · CVSS 9.8
A Server-Side Request Forgery (SSRF) flaw has been discovered in Pandoc. Maliciously crafted input can inject an iframe into pdf output.
Mitigation: When ingesting untrusted input, users are advised to use Pandoc's `--sandbox` option.
Package: pand
Debian
CVE-2025-51591 [CRITICAL] · pandoc - A Server-Side Request Forgery (SSRF) in JGM Pandoc v3.6.4 allows attackers to ga...
vendor_debian · 2025 · CVSS 9.8
Scope: local
bookworm: open
bullseye: open
forky: open
sid: open
trixie: open
GHSA
CVE-2025-51591 [MEDIUM] CWE-918 · GHSA-mcv3-ch54-xqfh: A Server-Side Request Forgery (SSRF) in JGM Pandoc v3
ghsa_unreviewed · 2025-07-11
A Server-Side Request Forgery (SSRF) in JGM Pandoc v3.6.4 allows attackers to gain access to and compromise the whole infrastructure via injecting a crafted iframe.
OSV
CVE-2025-51591 [CRITICAL] · CVE-2025-51591: A Server-Side Request Forgery (SSRF) in JGM Pandoc v3
osv · 2025-07-11 · CVSS 9.8
VulnCheck
CVE-2025-51591 [CRITICAL] · Server-Side Request Forgery (SSRF)
vulncheck · 2025 · CVSS 9.8
Affected: JGM · JGM Pandoc
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://www.wiz.io/blog/imds-anomaly-hunting-zer
No detection rules found.
No public exploits indexed.
References:
- http://jgm.com (not-applicable)
- http://pandoc.com (not-applicable)
- https://github.com/RealestName/Vulnerability-Research/tree/main/CVE-2025-51591
- https://github.com/jgm/pandoc/discussions/11200
- https://github.com/jgm/pandoc/issues/10682
- https://github.com/jgm/pandoc/issues/11261
- https://github.com/jgm/pandoc/issues/8874
- https://github.com/jgm/pandoc/pull/11262
- https://github.com/jgm/pandoc/commit/67edf7ce7cd3563a180ae44bd122b012e22364f8
- https://pandoc.org
- https://www.wiz.io/blog/imds-anomaly-hunting-zero-day