MidnightBSD

Advisories for mrdoc

CVE-2021-32568 MEDIUM

mrdoc is vulnerable to Deserialization of Untrusted Data

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-502,CWE-502,

Products Affected

Vendor Product Version
mrdoc mrdoc *
CVE-2025-45250

MrDoc v0.95 and before is vulnerable to Server-Side Request Forgery (SSRF) in the validate_url function of the app_doc/utils.py file.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.5 MEDIUM CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L 2.1 3.4

Products Affected

Vendor Product Version
mrdoc mrdoc *