CVE-2024-21527 Vulnerability Details

  /     /     /  

CVE-2024-21527 Metadata Quick Info

CVE Published: 19/07/2024 | CVE Updated: 05/09/2024 | CVE Year: 2024
Source: snyk | Vendor: n/a | Product: github.com/gotenberg/gotenberg/v8/pkg/gotenberg
Status : PUBLISHED

---

CVE-2024-21527 Description

Versions of the package github.com/gotenberg/gotenberg/v8/pkg/gotenberg before 8.1.0; versions of the package github.com/gotenberg/gotenberg/v8/pkg/modules/chromium before 8.1.0; versions of the package github.com/gotenberg/gotenberg/v8/pkg/modules/webhook before 8.1.0 are vulnerable to Server-side Request Forgery (SSRF) via the /convert/html endpoint when a request is made to a file via localhost, such as