Lucene search
+L

16 matches found

NVD
NVD
added 2026/07/10 9:16 p.m.4 views

CVE-2026-55229

Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.34.0, Gotenberg's /forms/libreoffice/convert endpoint allows a specially crafted document to cause LibreOffice to automatically retrieve external HTTPS resources and local file resources during document conversion, enabling bli...

7.5CVSS0.00355EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/06/18 1:4 p.m.9 views

Gotenberg: SSRF via LibreOffice document processing

Summary Server-Side Request Forgery SSRF vulnerability affecting the /forms/libreoffice/convert endpoint in Gotenberg v8.33.0 running with the default configuration. By uploading a specially crafted DOCX document, an attacker can cause LibreOffice to automatically retrieve external resources duri...

7.5CVSS5.5AI score0.00355EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/18 12:0 a.m.27 views

PT-2026-50731

Name of the Vulnerable Software and Affected Versions Gotenberg version 8.33.0 Description A Server-Side Request Forgery SSRF issue exists in the /forms/libreoffice/convert endpoint. By uploading a specially crafted DOCX document, an attacker can force LibreOffice to retrieve external resources...

7.5CVSS5.8AI score0.00355EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/12/10 12:0 a.m.12 views

PT-2025-50297

Name of the Vulnerable Software and Affected Versions PipesHub versions prior to 0.1.0-beta Description PipesHub is a workplace AI platform for enterprise search and workflow automation. Versions prior to 0.1.0-beta have a missing authentication check on the POST /api/v1/record/buffer/convert...

9.8CVSS7.5AI score0.01639EPSS
Exploits1References8
EUVD
EUVD
added 2025/11/08 12:30 p.m.7 views

EUVD-2025-38371

The Gallery Plugin for WordPress – Envira Photo Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the '/envira-convert/v1/bulk-convert' REST API endpoint in all versions up to, and including, 1.11.0. This makes it possible for...

4.3CVSS4.7AI score0.00178EPSS
Exploits0References3
NVD
NVD
added 2025/11/08 10:15 a.m.5 views

CVE-2025-11448

The Gallery Plugin for WordPress – Envira Photo Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the '/envira-convert/v1/bulk-convert' REST API endpoint in all versions up to, and including, 1.11.0. This makes it possible for...

4.3CVSS0.00178EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/11/08 9:28 a.m.4 views

CVE-2025-11448 Gallery Plugin for WordPress – Envira Photo Gallery <= 1.11.0 - Missing Authorization to Authenticated (Contributor+) Gallery Conversion

The Gallery Plugin for WordPress – Envira Photo Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the '/envira-convert/v1/bulk-convert' REST API endpoint in all versions up to, and including, 1.11.0. This makes it possible for...

4.3CVSS4.6AI score0.00178EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/11/08 9:28 a.m.13 views

CVE-2025-11448 Gallery Plugin for WordPress – Envira Photo Gallery <= 1.11.0 - Missing Authorization to Authenticated (Contributor+) Gallery Conversion

The Gallery Plugin for WordPress – Envira Photo Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the '/envira-convert/v1/bulk-convert' REST API endpoint in all versions up to, and including, 1.11.0. This makes it possible for...

4.3CVSS0.00178EPSS
Exploits0References2
NVD
NVD
added 2025/08/11 11:15 p.m.33 views

CVE-2025-55161

Stirling-PDF is a locally hosted web application that performs various operations on PDF files. Prior to version 1.1.0, when using the /api/v1/convert/markdown/pdf endpoint to convert Markdown to PDF, the backend calls a third-party tool to process it and includes a sanitizer for security...

9.8CVSS0.01999EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/08/11 10:28 p.m.36 views

CVE-2025-55161 Stirling-PDF SSRF vulnerability on /api/v1/convert/markdown/pdf

Stirling-PDF is a locally hosted web application that performs various operations on PDF files. Prior to version 1.1.0, when using the /api/v1/convert/markdown/pdf endpoint to convert Markdown to PDF, the backend calls a third-party tool to process it and includes a sanitizer for security...

8.6CVSS0.01999EPSS
Exploits1References2
CVE
CVE
added 2025/08/11 10:28 p.m.71 views

CVE-2025-55161

Stirling-PDF prior to v1.1.0 exposes a Server-Side Request Forgery (SSRF) flaw in /api/v1/convert/markdown/pdf. The Markdown-to-PDF conversion uses a sanitizer that can be bypassed, allowing unauthenticated attackers to force the server to request arbitrary URLs (potentially internal). The issue ...

9.8CVSS7.2AI score0.01999EPSS
In wildExploits1References2Affected Software1
CVE
CVE
added 2025/08/11 9:56 p.m.19 views

CVE-2025-55151

Stirling-PDF prior to version 1.1.0 is affected by a Server-Side Request Forgery (SSRF) in the /api/v1/convert/file/pdf path, where LibreOffice’s unoconvert tool is used during file-to-PDF conversion. The vulnerability arises in the conversion process and has been patched in version 1.1.0. Affect...

9.8CVSS7.2AI score0.00355EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/08/11 12:0 a.m.5 views

PT-2025-32591 · Unknown +1 · Stirling-Pdf +1

Name of the Vulnerable Software and Affected Versions: Stirling-PDF versions prior to 1.1.0 Description: Stirling-PDF is a locally hosted web application used for PDF file operations. The “convert file to pdf” functionality, accessible via the /api/v1/convert/file/pdf API endpoint, is susceptible...

9.8CVSS6.3AI score0.00355EPSS
Exploits0References9
Snyk
Snyk
added 2025/01/15 10:4 p.m.6 views

Failure to Sanitize Paired Delimiters

Overview Affected versions of this package are vulnerable to Failure to Sanitize Paired Delimiters via the Authorization header, by sending a crafted request to the /convert endpoint. Note: This is only exploitable if the Homarus microservice is directly accessible from the Internet. Remediation...

9.8CVSS6.9AI score0.01006EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/01/15 12:0 a.m.10 views

PT-2025-7069

Name of the Vulnerable Software and Affected Versions: Crayfish versions prior to 4.1.0 Description: Remote code execution may be possible in web-accessible installations of Homarus in certain configurations. The exploit requires making a request against the Homarus's "/convert" endpoint. To redu...

9.8CVSS5.9AI score0.01006EPSS
Exploits0References13
Snyk
Snyk
added 2021/01/19 2:35 p.m.5 views

Server-side Request Forgery (SSRF)

Overview github.com/gotenberg/gotenberg/v7/pkg/modules/chromium is a Docker-powered stateless API for PDF files. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the /convert/html endpoint when the src attribute of an HTML element refers to an internal syst...

6.1CVSS6.8AI score0.01053EPSS
Exploits1References2
Rows per page
Query Builder