CVE-2021-23345 Vulnerability Details

  /     /     /  

CVE-2021-23345 Metadata Quick Info

CVE Published: 26/02/2021 | CVE Updated: 16/09/2024 | CVE Year: 2021
Source: snyk | Vendor: n/a | Product: github.com/thecodingmachine/gotenberg
Status : PUBLISHED

---

CVE-2021-23345 Description

All versions of package github.com/thecodingmachine/gotenberg are vulnerable to Server-side Request Forgery (SSRF) via the /convert/html endpoint when the src attribute of an HTML element refers to an internal system file, such as