{"id":"CVE-2025-55150","summary":"Stirling-PDF SSRF vulnerability on /api/v1/convert/html/pdf","details":"Stirling-PDF is a locally hosted web application that performs various operations on PDF files. Prior to version 1.1.0, when using the /api/v1/convert/html/pdf endpoint to convert HTML to PDF, the backend calls a third-party tool to process it and includes a sanitizer for security sanitization which can be bypassed and result in SSRF. This issue has been patched in version 1.1.0.","aliases":["GHSA-xw8v-9mfm-g2pm"],"modified":"2026-04-12T17:14:06.658996Z","published":"2025-08-11T21:57:14.326Z","database_specific":{"cwe_ids":["CWE-918"],"cna_assigner":"GitHub_M","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/55xxx/CVE-2025-55150.json"},"references":[{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/55xxx/CVE-2025-55150.json"},{"type":"ADVISORY","url":"https://github.com/Stirling-Tools/Stirling-PDF/security/advisories/GHSA-xw8v-9mfm-g2pm"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-55150"},{"type":"FIX","url":"https://github.com/Stirling-Tools/Stirling-PDF/commit/7d6b70871bad2a3ff810825f7382c49f55293943"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/stirling-tools/stirling-pdf","events":[{"introduced":"0"},{"fixed":"7d6b70871bad2a3ff810825f7382c49f55293943"}]}],"versions":["0.13.0","stirling-pdf-chart-1.0.1","v0.10.0","v0.10.1","v0.10.2","v0.10.3","v0.12.0","v0.12.1","v0.12.2","v0.13.0","v0.13.1","v0.14.0","v0.14.1","v0.14.2","v0.14.3","v0.14.4","v0.14.5","v0.15.0","v0.15.1","v0.16.0","v0.16.1","v0.17.0","v0.17.1","v0.17.2","v0.18.0","v0.18.1","v0.19.0","v0.19.1","v0.20.0","v0.20.1","v0.20.2","v0.21.0","v0.22.0","v0.22.1","v0.22.2","v0.22.3","v0.22.4","v0.22.5","v0.22.6","v0.22.7","v0.22.8","v0.23.0","v0.23.1","v0.24.0","v0.24.1","v0.24.2","v0.24.3","v0.24.4","v0.24.5","v0.24.6","v0.25.0","v0.25.1","v0.25.2","v0.25.3","v0.26.0","v0.26.1","v0.27.0","v0
.28.0","v0.28.1","v0.28.2","v0.28.3","v0.29.0","v0.3.0","v0.3.2","v0.3.3","v0.3.4","v0.30.0","v0.30.1","v0.31.0","v0.31.1","v0.32.0","v0.33.0","v0.33.1","v0.34.0","v0.35.0","v0.35.1","v0.36.0","v0.36.1","v0.36.2","v0.36.3","v0.36.4","v0.36.5","v0.36.6","v0.37.0","v0.37.1","v0.38.0","v0.39.0","v0.4.0","v0.4.2","v0.4.3","v0.4.4","v0.4.5","v0.4.6","v0.4.7","v0.4.8","v0.40.0","v0.40.1","v0.40.2","v0.41.0","v0.42.0","v0.43.0","v0.43.1","v0.43.2","v0.44.0","v0.44.1","v0.44.2","v0.44.3","v0.45.0","v0.45.1","v0.45.2","v0.45.3","v0.45.4","v0.45.5","v0.45.6","v0.46.0","v0.46.1","v0.46.2","v0.5.0","v0.6.0","v0.7.0","v0.8.0","v0.8.1","v0.8.2","v0.8.3","v0.9.0","v0.9.1","v1.0.0","v1.0.1","v1.0.2"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-55150.json","vanir_signatures_modified":"2026-04-12T17:14:06Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L"}]}