Vulnerability   
Search   
    Search 191973 CVE descriptions
and 86218 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.878444
Category:Fedora Local Security Checks
Title:Fedora: Security Advisory for pandoc (FEDORA-2020-fe299b3fa3)
Summary:The remote host is missing an update for the 'pandoc'; package(s) announced via the FEDORA-2020-fe299b3fa3 advisory.
Description:Summary:
The remote host is missing an update for the 'pandoc'
package(s) announced via the FEDORA-2020-fe299b3fa3 advisory.

Vulnerability Insight:
Pandoc is a Haskell library for converting from one markup format to another,
and a command-line tool that uses this library. It can read several dialects of
Markdown and (subsets of) HTML, reStructuredText, LaTeX, DocBook, JATS,
MediaWiki markup, TWiki markup, TikiWiki markup, Creole 1.0, Haddock markup,
OPML, Emacs Org-Mode, Emacs Muse, txt2tags, Vimwiki, Word Docx, ODT, EPUB,
FictionBook2, roff man, and Textile, and it can write Markdown,
reStructuredText, XHTML, HTML 5, LaTeX, ConTeXt, DocBook, JATS, OPML, TEI,
OpenDocument, ODT, Word docx, PowerPoint pptx, RTF, MediaWiki, DokuWiki,
ZimWiki, Textile, roff man, roff ms, plain text, Emacs Org-Mode, AsciiDoc,
Haddock markup, EPUB (v2 and v3), FictionBook2, InDesign ICML, Muse, LaTeX
beamer slides, and several kinds of HTML/JavaScript slide shows (S5, Slidy,
Slideous, DZSlides, reveal.js).

In contrast to most existing tools for converting Markdown to HTML, pandoc has
a modular design: it consists of a set of readers, which parse text in a given
format and produce a native representation of the document, and a set of
writers, which convert this native representation into a target format.
Thus, adding an input or output format requires only adding a reader or writer.

For pdf output please also install pandoc-pdf or weasyprint.

Affected Software/OS:
'pandoc' package(s) on Fedora 31.

Solution:
Please install the updated package(s).

CVSS Score:
4.0

CVSS Vector:
AV:N/AC:L/Au:S/C:N/I:N/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2020-5238
https://github.com/github/cmark-gfm/security/advisories/GHSA-7gc6-9qr5-hc85
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGJH2A4VAV54X6NSCNNGSEIGIIY5N2VR/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TCDHBTUFIOYRIS5HAS6PZNBNMB7IOAX3/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WMQFOQQCWOAMQ4I2XIVCVOXXIJ75HDCW/
https://github.com/github/cmark-gfm/commit/85d895289c5ab67f988ca659493a64abb5fec7b4
CopyrightCopyright (C) 2020 Greenbone Networks GmbH

This is only one of 86218 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2020 E-Soft Inc. All rights reserved.