Back to bug 2220871
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| TEJ RATHI | 2023-07-06 11:54:19 UTC | CC | petersen | |
| TEJ RATHI | 2023-07-06 11:56:07 UTC | Depends On | 2220872, 2220873 | |
| TEJ RATHI | 2023-07-06 11:56:38 UTC | Alias | TRIAGE_CVE-2023-35936 | TRIAGE-CVE-2023-35936 |
| Summary | TRIAGE_CVE-2023-35936 pandoc: allows attacker to create or overwrite arbitrary files on the system | TRIAGE-CVE-2023-35936 pandoc: allows attacker to create or overwrite arbitrary files on the system | ||
| Rohit Keshri | 2023-07-06 12:05:24 UTC | Depends On | 2220880 | |
| Red Hat Bugzilla | 2023-07-07 08:34:12 UTC | Assignee | security-response-team | nobody |
| TEJ RATHI | 2023-07-11 07:32:28 UTC | Fixed In Version | pandoc 3.1.4 | |
| Doc Text | An arbitrary file write vulnerability was found in Haskell's Pandoc, which can be triggered by providing a specially crafted image element in the input when generating files using the --extract-media option or outputting to PDF format. This vulnerability allows an attacker to create or overwrite arbitrary files on the system (depending on the privileges of the process running pandoc). | |||
| TEJ RATHI | 2023-07-11 07:34:37 UTC | Alias | TRIAGE-CVE-2023-35936 | CVE-2023-35936 |
| Summary | TRIAGE-CVE-2023-35936 pandoc: allows attacker to create or overwrite arbitrary files on the system | CVE-2023-35936 pandoc: allows attacker to create or overwrite arbitrary files on the system | ||
| TEJ RATHI | 2023-07-27 14:00:40 UTC | Depends On | 2225382 | |
| Paige Jung | 2023-07-27 15:58:18 UTC | Doc Text | An arbitrary file write vulnerability was found in Haskell's Pandoc, which can be triggered by providing a specially crafted image element in the input when generating files using the --extract-media option or outputting to PDF format. This vulnerability allows an attacker to create or overwrite arbitrary files on the system (depending on the privileges of the process running pandoc). | An arbitrary file write vulnerability was found in Haskell's Pandoc. This issue can be triggered by providing a specially crafted image element in the input when generating files using the --extract-media option or outputting to PDF format. This may allow an attacker to create or overwrite arbitrary files on the system, depending on the privileges of the process running pandoc. |
Back to bug 2220871