The security vulnerability, identified as CVE-2025-51591, is classified as a Server-Side Request Forgery (SSRF) and has a CVSS score of 6.5. This flaw allows attackers to manipulate the AWS Instance Metadata Service, which can lead to unauthorized access to sensitive data. As cloud services become increasingly popular, vulnerabilities in widely used utilities like Pandoc pose serious risks to organizations relying on these technologies.
The implications of exploiting this vulnerability are significant, enabling attackers to potentially extract sensitive information from users’ AWS instances. Organizations using Pandoc are urged to apply security patches and monitor their systems for unusual activity. The discovery of such an exploit underscores the importance of proactive security measures in cloud environments to safeguard against emerging threats.
👉 Read the original: The Hacker News