PT-2025-42581 · Unknown · Org.Zwobble.Mammoth:Mammoth

Published: 2025-10-17 · Updated: 2025-10-24 · CVE-2025-11849

CVSS v3.1: 9.3 (Critical)
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:H
Name of the Vulnerable Software and Affected Versions

mammoth versions 0.3.25 through 1.10.9
mammoth versions prior to 1.11.0
org.zwobble.mammoth:mammoth versions 0.3.25 through 1.10.9
org.zwobble.mammoth:mammoth versions prior to 1.11.0
Description

The mammoth library is susceptible to a Directory Traversal issue because of insufficient validation of paths and file types when processing docx files that contain images with external links (an r:link attribute instead of an embedded r:embed). The library resolves the link's URI to a local file path, reads the file's content, and base64-encodes it for inclusion in the HTML output as a data URI. An attacker who can supply a docx file for conversion could read arbitrary files on the system where the conversion takes place, or cause excessive resource consumption by linking to special device files such as /dev/random or /dev/zero.
Recommendations

Update to mammoth version 1.11.0 or later.
Update to org.zwobble.mammoth:mammoth version 1.11.0 or later.
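As a defensive pre-check, added here and not part of mammoth or of this advisory: the following Python scans a docx for the pattern the description names (an image relationship with TargetMode="External", or a drawing that references its image through r:link rather than r:embed), so that such files can be rejected or quarantined before they reach an unpatched converter. It assumes the standard OOXML part names and inspects only word/document.xml and its relationships part (not headers or footers); the sample docx it builds is constructed, with a placeholder external target.

```python
import io
import zipfile
import xml.etree.ElementTree as ET

# OOXML namespaces for the relationships part and for the r:embed / r:link attributes.
PKG_REL_NS = "http://schemas.openxmlformats.org/package/2006/relationships"
DOC_REL_NS = "http://schemas.openxmlformats.org/officeDocument/2006/relationships"
IMAGE_REL_TYPE = DOC_REL_NS + "/image"

def find_external_images(docx_bytes):
    """Return (rel_id, target, reason) for each image that would be resolved outside
    the package: image relationships with TargetMode="External", and drawings that
    reference their image through r:link instead of r:embed (the advisory's pattern)."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(docx_bytes)) as zf:
        names = set(zf.namelist())
        rels = {}
        if "word/_rels/document.xml.rels" in names:
            root = ET.fromstring(zf.read("word/_rels/document.xml.rels"))
            for rel in root.iter("{%s}Relationship" % PKG_REL_NS):
                rels[rel.get("Id")] = rel
                if rel.get("Type") == IMAGE_REL_TYPE and rel.get("TargetMode") == "External":
                    findings.append((rel.get("Id"), rel.get("Target"), "external-relationship"))
        if "word/document.xml" in names:
            doc = ET.fromstring(zf.read("word/document.xml"))
            for el in doc.iter():  # any element carrying an r:link attribute
                rid = el.get("{%s}link" % DOC_REL_NS)
                if rid is not None:
                    target = rels[rid].get("Target") if rid in rels else None
                    findings.append((rid, target, "r:link"))
    return findings

def build_sample_docx(external):
    """Constructed minimal docx holding only the two parts the check reads; not a real
    Word file, and the external target is a placeholder, not a real path."""
    mode = ' TargetMode="External"' if external else ""
    target = "file:///placeholder/outside.png" if external else "media/image1.png"
    rels = ('<Relationships xmlns="%s"><Relationship Id="rId5" Type="%s" Target="%s"%s/>'
            '</Relationships>' % (PKG_REL_NS, IMAGE_REL_TYPE, target, mode))
    ref = 'r:link="rId5"' if external else 'r:embed="rId5"'
    doc = ('<w:document xmlns:w="http://schemas.openxmlformats.org/wordprocessingml/2006/main" '
           'xmlns:a="http://schemas.openxmlformats.org/drawingml/2006/main" xmlns:r="%s">'
           '<w:body><w:p><w:r><w:drawing><a:blip %s/></w:drawing></w:r></w:p></w:body>'
           '</w:document>' % (DOC_REL_NS, ref))
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("word/document.xml", doc)
        zf.writestr("word/_rels/document.xml.rels", rels)
    return buf.getvalue()
```

A non-empty result means the file would make a vulnerable converter resolve an image outside the package; a normal embedded image (r:embed with an internal target) returns an empty list.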

References: Exploit · Fix

Tags: Path traversal


Related Identifiers

CVE-2025-11849
GHSA-RMJR-87WV-GF87

Affected Products

Mammoth
Org.Zwobble.Mammoth:Mammoth