CVE-2025-65108 Overview
CVE-2025-65108 is a critical remote code execution vulnerability affecting the md-to-pdf library, a CLI tool for converting Markdown files to PDF using Node.js and headless Chrome. Prior to version 5.2.5, a Markdown front-matter block containing JavaScript delimiters causes the JS engine in the gray-matter library to execute arbitrary code during the Markdown to PDF conversion process, resulting in remote code execution.
Critical Impact
Attackers can achieve complete system compromise by crafting malicious Markdown files that execute arbitrary code when processed by md-to-pdf, potentially leading to data exfiltration, lateral movement, and full server takeover.
Affected Products
- md-to-pdf versions prior to 5.2.5
- Applications using vulnerable md-to-pdf library for Markdown processing
- Web services accepting user-supplied Markdown content for PDF conversion
Discovery Timeline
- 2025-11-21 - CVE-2025-65108 published to NVD
- 2025-11-25 - Last updated in NVD database
Technical Details for CVE-2025-65108
Vulnerability Analysis
This vulnerability is classified as CWE-94 (Improper Control of Generation of Code ('Code Injection')). The flaw is in how md-to-pdf handles Markdown front-matter parsing through the gray-matter library. When a Markdown file is processed, gray-matter's JavaScript engine can be triggered by specially crafted front-matter delimiters, allowing arbitrary JavaScript code execution within the Node.js process context.
The vulnerability is particularly dangerous because md-to-pdf is commonly used in automated document processing pipelines, CI/CD systems, and web applications that convert user-uploaded Markdown to PDF. An attacker only needs to submit a malicious Markdown file to trigger code execution without any authentication or special privileges.
Root Cause
The root cause is an incorrect configuration of the gray-matter library's JavaScript engine within md-to-pdf. md-to-pdf was intended to disable the JavaScript engine for security purposes, but it used the wrong key name (js instead of javascript) when overriding the engine configuration. Because of this configuration error the security mitigation was never actually applied, leaving the JavaScript engine fully functional and able to execute code embedded in front-matter blocks.
Attack Vector
The attack is network-accessible and requires no user interaction or authentication. Exploitation proceeds as follows:
- The attacker crafts a Markdown file with malicious JavaScript code embedded in the front-matter section using JavaScript delimiters
- The attacker submits the malicious Markdown file to any service or application using a vulnerable md-to-pdf version
- When the file is processed for PDF conversion, the gray-matter library parses the front-matter and executes the embedded JavaScript code
- The attacker's code runs with the same privileges as the md-to-pdf process, enabling full system compromise
// Security patch in src/lib/config.ts
// Source: https://github.com/simonhaenisch/md-to-pdf/commit/46bdcf2051c8d1758b391c1353185a179a47a4d9
launch_options: {},
gray_matter_options: {
engines: {
- js: () =>
+ javascript: () =>
new Error(
'The JS engine for front-matter is disabled by default for security reasons. You can enable it by configuring gray_matter_options.',
),
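Review bot: the javascript override on the + line returns the new Error(...) rather than throwing it, so the failure is only surfaced if the caller checks the parse result for an Error instance; a short comment at this entry should say which code does that check. The old js key also shows how easily a misnamed key goes unnoticed, so add a regression test that converts a document whose front-matter uses a JavaScript delimiter and asserts that the embedded code does not run.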
The patch corrects the engine key from js to javascript, ensuring the security override is properly applied to disable JavaScript execution in front-matter blocks by default.
Detection Methods for CVE-2025-65108
Indicators of Compromise
- Markdown files containing unusual front-matter delimiters such as ---js or ---javascript
- Unexpected child processes spawned by md-to-pdf or Node.js PDF conversion services
- Suspicious network connections originating from PDF conversion processes
- Anomalous file system access patterns from Markdown processing applications
Detection Strategies
- Monitor for Markdown files with JavaScript delimiters in front-matter sections (---js, ---javascript)
- Implement application-level logging for md-to-pdf conversion operations and their inputs
- Deploy runtime application self-protection (RASP) to detect code injection attempts
- Use SentinelOne's behavioral AI to identify anomalous process execution from document conversion services
Monitoring Recommendations
- Enable verbose logging for all Markdown processing pipelines
- Monitor process creation events from Node.js applications handling PDF conversion
- Alert on any external network connections from PDF conversion service processes
- Track file I/O operations during Markdown-to-PDF conversion for suspicious patterns
How to Mitigate CVE-2025-65108
Immediate Actions Required
- Upgrade md-to-pdf to version 5.2.5 or later immediately
- Audit all applications and services using md-to-pdf for vulnerable versions
- Implement input validation to reject Markdown files with JavaScript front-matter delimiters
- Consider isolating PDF conversion services in sandboxed environments or containers
Patch Information
The vulnerability has been patched in md-to-pdf version 5.2.5. The fix correctly configures the gray-matter library to disable the JavaScript engine by using the proper key name javascript instead of js in the engine override configuration. For detailed patch information, see the GitHub Security Advisory GHSA-547r-qmjm-8hvw and the associated commit.
Workarounds
- If immediate upgrade is not possible, implement strict input validation to reject Markdown files containing JavaScript front-matter delimiters
- Run md-to-pdf processes in isolated containers with restricted network access and limited file system permissions
- Use allowlisting to restrict which users or services can submit Markdown files for conversion
- Consider temporarily disabling automated Markdown-to-PDF conversion until patching is complete
# Configuration example
# Upgrade md-to-pdf to patched version
npm install md-to-pdf@5.2.5
# Verify installed version
npm list md-to-pdf
# For yarn users
yarn upgrade md-to-pdf@5.2.5
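The input-validation workaround and the ---js / ---javascript indicator described above can be enforced before a file ever reaches the converter. The following is an added example, not code from md-to-pdf or from this advisory; it goes beyond the two delimiters named here by allowlisting plain and YAML front-matter and rejecting every other language tag. The names checkMarkdown, frontMatterLanguage and ALLOWED_LANGUAGES are hypothetical, and the default --- delimiter is assumed.

```javascript
// Added example: pre-conversion gate for untrusted Markdown.
// Assumption: the converter uses the default `---` front-matter delimiter and
// reads the rest of that first line as the front-matter language tag.
const ALLOWED_LANGUAGES = new Set(['', 'yaml', 'yml']); // hypothetical policy

function frontMatterLanguage(markdown) {
  // Drop a byte order mark so it cannot hide the opening delimiter.
  const text = markdown.charCodeAt(0) === 0xfeff ? markdown.slice(1) : markdown;
  if (!text.startsWith('---')) return null; // no front-matter block
  const eol = text.search(/\r?\n/);
  const firstLine = eol === -1 ? text : text.slice(0, eol);
  // Tolerate whitespace and mixed case around the tag ("--- JavaScript ").
  return firstLine.slice(3).trim().toLowerCase();
}

function checkMarkdown(markdown) {
  const language = frontMatterLanguage(markdown);
  if (language === null) return { ok: true, language: null };
  if (ALLOWED_LANGUAGES.has(language)) return { ok: true, language };
  // Fail closed: any tag outside the allowlist is rejected, not only js/javascript.
  return {
    ok: false,
    language,
    reason: `front-matter language "${language}" is not allowed`,
  };
}

// Constructed sample inputs (front-matter bodies are inert placeholders).
const SAMPLES = {
  plain: '# Report\n\nNo front-matter here.\n',
  yaml: '---\ntitle: Report\n---\n# Report\n',
  jsTag: '---js\n/* placeholder */\n---\n# Report\n',
  javascriptTag: '\uFEFF--- JavaScript \r\n/* placeholder */\r\n---\r\n# Report\r\n',
};

// Returns { sampleName: accepted? } for the constructed inputs above.
function auditSamples() {
  return Object.fromEntries(
    Object.entries(SAMPLES).map(([name, md]) => [name, checkMarkdown(md).ok]),
  );
}

console.log(auditSamples());
```

A document that opens with a longer run of dashes is rejected as well, which fails closed at the cost of an occasional false positive. Logging the rejected language tag alongside the submitter gives the conversion-input record that the detection strategies call for.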
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

