{"id":"CVE-2025-57682","details":"Directory Traversal vulnerability in Papermark 0.20.0 and prior allows authenticated attackers to retrieve arbitrary files from an S3 bucket through its CloudFront distribution via the \"POST /api/file/s3/get-presigned-get-url-proxy\" API","modified":"2026-04-10T05:33:48.345911Z","published":"2025-09-22T16:15:45.837Z","references":[{"type":"WEB","url":"https://papermark.com/"},{"type":"ADVISORY","url":"https://github.com/dos-m0nk3y/CVE/tree/main/CVE-2025-57682"},{"type":"PACKAGE","url":"https://github.com/mfts/papermark"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/mfts/papermark","events":[{"introduced":"0"},{"last_affected":"4f094c3cad6ac88167cbc515b6eac9dc751bb35c"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"0.20.0"}]}}],"versions":["v0.10.0","v0.11.0","v0.12.0","v0.13.0","v0.14.0","v0.15.0","v0.16.0","v0.17.0","v0.18.0","v0.19.0","v0.20.0","v0.8.0","v0.9.0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-57682.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}]}