Security Advisory
CVE-2025-55151
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
Stirling-PDF is a locally hosted web application that performs various operations on PDF files. Prior to version 1.1.0, the "convert file to pdf" functionality (/api/v1/convert/file/pdf) uses LibreOffices unoconvert tool for conversion, and SSRF vulnerabilities exist during the conversion process. This issue has been patched in version 1.1.0.