11 matches found
CVE-2025-55150 Stirling-PDF SSRF vulnerability on /api/v1/convert/html/pdf
Stirling-PDF is a locally hosted web application that performs various operations on PDF files. Prior to version 1.1.0, when using the /api/v1/convert/html/pdf endpoint to convert HTML to PDF, the backend calls a third-party tool to process it and includes a sanitizer for security sanitization...
PT-2024-18941
Name of the Vulnerable Software and Affected Versions github.com/gotenberg/gotenberg/v8/pkg/gotenberg versions prior to 8.1.0 github.com/gotenberg/gotenberg/v8/pkg/modules/chromium versions prior to 8.1.0 github.com/gotenberg/gotenberg/v8/pkg/modules/webhook versions prior to 8.1.0 Description Th...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the /convert/html endpoint when a request is made to a file via localhost, such as . By exploiting this vulnerability, an attacker can achieve local file inclusion, allowing of sensitive files read o...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the /convert/html endpoint when a request is made to a file via localhost, such as . By exploiting this vulnerability, an attacker can achieve local file inclusion, allowing of sensitive files read o...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the /convert/html endpoint when a request is made to a file via localhost, such as . By exploiting this vulnerability, an attacker can achieve local file inclusion, allowing of sensitive files read o...
CVE-2021-23345
All versions of package github.com/thecodingmachine/gotenberg are vulnerable to Server-side Request Forgery SSRF via the /convert/html endpoint when the src attribute of an HTML element refers to an internal system file, such as...
CVE-2021-23345
All versions of package github.com/thecodingmachine/gotenberg are vulnerable to Server-side Request Forgery SSRF via the /convert/html endpoint when the src attribute of an HTML element refers to an internal system file, such as...
Server side request forgery (ssrf)
All versions of package github.com/thecodingmachine/gotenberg are vulnerable to Server-side Request Forgery SSRF via the /convert/html endpoint when the src attribute of an HTML element refers to an internal system file, such as...
CVE-2021-23345 Server-side Request Forgery (SSRF)
All versions of package github.com/thecodingmachine/gotenberg are vulnerable to Server-side Request Forgery SSRF via the /convert/html endpoint when the src attribute of an HTML element refers to an internal system file, such as...
CVE-2021-23345
All versions of package github.com/thecodingmachine/gotenberg are vulnerable to Server-side Request Forgery SSRF via the /convert/html endpoint when the src attribute of an HTML element refers to an internal system file, such as...
Server-side Request Forgery (SSRF)
Overview github.com/thecodingmachine/gotenberg is a Docker-powered stateless API for PDF files. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the /convert/html endpoint when the src attribute of an HTML element refers to an internal system file, such as...