Lucene search
K
GithubRecent

33227 matches found

Github Security Blog
Github Security Blog
added 2026/05/07 4:33 a.m.11 views

vm2 has a NodeVM require.root bypass via symlink traversal that allows sandbox escape

Summary NodeVM's require.root path restriction can be bypassed using filesystem symlinks, allowing sandboxed code to load modules from outside the allowed root directory in host context. Because path validation uses path.resolve which does not dereference symlinks but module loading uses Node's...

8.5CVSS6.4AI score0.00722EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 4:32 a.m.15 views

vm2's Transformer Fast-Path Bypass Exposes Internal State Variable

Summary vm2's code transformer has a performance optimization that skips AST analysis when the code does not contain catch, import, or async keywords. This fast-path bypass allows sandboxed code to directly access the internal VM2INTERNALSTATEDONOTUSEORPROGRAMWILLFAIL variable, which exposes...

5.8CVSS5.8AI score0.00248EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 4:30 a.m.10 views

vm2 is Vulnerable to Host File Path Disclosure via Stack Trace Information Leak

Summary vm2's CallSite wrapper class intended as a safe wrapper for V8's native CallSite blocks getThis and getFunction to prevent host object leakage, but allows getFileName to return unsanitized host absolute paths. Any sandboxed code can extract the full directory structure, library paths, and...

5.8CVSS5.9AI score0.00241EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 4:29 a.m.12 views

vm2 Host Promise Resolution Preserves Object Identity Across Sandbox Boundary

Summary A sandbox boundary violation in vm2 allows host object identity to cross into the sandbox through host Promise resolution. When a host-side Promise that resolves to a host object is exposed to the sandbox, the value delivered to the sandbox .then callback preserves host identity. This...

7.2CVSS5.5AI score0.002EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 4:26 a.m.13 views

vm2 Sandbox Access to Host Buffer.alloc Allows timeout Bypass Resulting in Memory Exhaustion

Summary Sandboxed code can call Buffer.alloc with an arbitrary size to allocate memory directly on the host heap. Because Buffer.alloc is a synchronous C++ native call, vm2's timeout option cannot interrupt it. A single request can exhaust host memory and crash the process with a FATAL ERROR:...

8.6CVSS6.1AI score0.00424EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 4:10 a.m.15 views

vm2 has a Sandbox Escape via Promise Constructor Unhandled Rejection (Process Crash DoS)

Summary A sandbox escape vulnerability in vm2 v3.10.5 allows any sandboxed code to crash the host Node.js process via a single Promise constructor that triggers an unhandled rejection propagating to the host. The fix for CVE-2026-22709 v3.10.2 only sanitized the onRejected callback in .then and...

10CVSS7.6AI score0.01222EPSS
Exploits2References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 4:8 a.m.10 views

vm2 has a NodeVM builtin allowlist bypass via `module` builtin's `Module._load` that allows sandbox escape

Summary NodeVM's builtin allowlist can be bypassed when the module builtin is allowed including via the '' wildcard. The module builtin exposes Node's Module.load, which loads any module by name directly in the host context, completely bypassing vm2's builtin restriction. This allows sandboxed co...

9.9CVSS6.6AI score0.00974EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 4:7 a.m.10 views

vm2: Mutable Proxies for Host Intrinsic Prototypes Allows Sandbox Escape

Summary vm2's bridge exposes mutable proxies for real host-realm intrinsic prototypes and then forwards sandbox writes into the underlying host objects with otherReflectSet and otherReflectDefineProperty, which lets attacker-controlled JavaScript running in a default VM or inherited NodeVM mutate...

10CVSS6.1AI score0.00842EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 4:0 a.m.22 views

vm2 Access to Host Object Enables Sandbox Escape

Summary It is possible to obtain the host Object, https://github.com/patriksimek/vm2/commit/ebcfe94ad2f864f0bc35e78cff1d921107cfd160 added some protections, but the implementation is incomplete. Details There are various ways to use the host Object, to escape the sandbox, one example would be usi...

10CVSS6AI score0.00976EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 3:54 a.m.13 views

vm2 has a Sandbox Escape Vulnerability

Summary It is possible to reach BaseHandler.getPrototypeOf, which can be used to get arbitrary prototypes Details https://github.com/patriksimek/vm2/blob/408fc855f1cc1bbc2985b029465ee0e732ada433/lib/bridge.jsL655-L658 BaseHandler can be reached via util.inspect same as...

10CVSS6.1AI score0.00815EPSS
Exploits1References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 3:52 a.m.11 views

Bandit HTTP/2 Frame Size Limit Bypass via Late Buffer Check Enables Memory Exhaustion

Summary Bandit's HTTP/2 parser checks frame size after it has already buffered the full body, instead of when it sees the 9-byte header. A peer can announce a 16 MiB frame on a connection that agreed to 16 KiB frames and the server will silently buffer up to 1024× the agreed budget per connection...

6.9CVSS5.9AI score0.0051EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 3:47 a.m.11 views

Bandit trusts client-supplied URI scheme on plaintext connections

Summary Bandit reflects the client-supplied URI scheme into conn.scheme without verifying the actual transport. Over a plaintext HTTP/1.1 connection or h2c, an unauthenticated attacker can send an absolute-form request target like GET https://victim/path HTTP/1.1 and the application observes...

6.3CVSS5.9AI score0.00454EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 3:46 a.m.11 views

Bandit is vulnerable to CL.CL request smuggling via unrejected duplicate `Content-Length` header

Summary Bandit is vulnerable to CL.CL HTTP request smuggling: it silently accepts requests with two Content-Length headers whose values differ, takes the first value, and dispatches the body bytes as a second pipelined request on the same keep-alive connection. RFC 9110 §5.3 prohibits multiple...

6.3CVSS5.9AI score0.00518EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 3:43 a.m.22 views

Bandit Buffers Unbounded WebSocket Continuation Frames, Allowing Unauthenticated Memory Exhaustion

Summary A single unauthenticated WebSocket client can exhaust server memory in any Bandit-fronted application that accepts WebSocket connections. The fragmented-message reassembly path appends every Continuationfin: false frame's payload to a per-connection iolist with no cumulative size cap, so ...

8.7CVSS5.8AI score0.00549EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 3:36 a.m.14 views

Bandit's unbounded WebSocket inflate causes BEAM OOM with a single frame

Summary When a Bandit-fronted server has explicitly enabled WebSocket permessage-deflate compress: true, an unauthenticated client can OOM the BEAM with a single 6 MiB WebSocket frame. Bandit's inflate step has no output-size cap, so a small high-ratio compressed frame e.g. zeros, 1024:1 ratio...

8.2CVSS5.9AI score0.00625EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 3:34 a.m.10 views

gittuf's policy can be rolled back to prior valid versions

Summary An attacker with push access to gittuf's Reference State Log RSL can roll back the current policy to any previous policy trusted by the current set of root keys. Impact gittuf determines the policy to load by inspecting the RSL. Except for the very first policy which is automatically...

4.9CVSS5.7AI score0.00198EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 3:29 a.m.20 views

FileBrowser Vulnerable to Stored XSS via SVG File in Public Share (Missing CSP Header)

Summary FileBrowser Quantum serves inline SVG files without a Content-Security-Policy header, allowing embedded JavaScript in SVG files to execute when accessed via public share links. Verified on v1.3.0-stable. Affected product - Product: FileBrowser Quantum gtsteffaniak/filebrowser - Verified...

5.9AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 3:28 a.m.12 views

FileBrowser Public Share DELETE API Path Traversal Allows Unauthenticated Arbitrary File Deletion

Summary Attacker-controlled path input is joined with a trusted base path prior to sanitization, allowing traversal sequences e.g., ../ to escape the intended shared directory. As a result, an unauthenticated attacker possessing a valid public share hash with delete permissions enabled can delete...

9.1CVSS6AI score0.00523EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 3:21 a.m.15 views

etcd RBAC bypass allows unauthorized data access via PrevKv/lease attachment in nested transaction Put requests

Impact What kind of vulnerability is it? Who is impacted? A vulnerability in etcd allows read access via PrevKv, or lease attachment in Put requests within transaction operations, to bypass RBAC authorization checks. An authenticated user without sufficient read or lease-related permissions may b...

4.3CVSS5.8AI score0.00225EPSS
Exploits0References3Affected Software2
Github Security Blog
Github Security Blog
added 2026/05/07 3:15 a.m.16 views

docling-graph has SSRF via Missing Internal IP Validation in URLInputHandler

Impact The URLInputHandler class in doclinggraph/core/input/handlers.py makes HTTP requests to user-supplied URLs without validating whether the target resolves to a private, loopback, or link-local IP address. The URLValidator only checks for a valid scheme and non-empty netloc, performing no...

5.7CVSS5.8AI score0.00188EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 3:13 a.m.18 views

imageproc: integer overflow in kernel size check leads to out-of-bounds read

A bounds verification of a slice storage of a 2-dimensional matrix's coefficients a kernel would compare the total size against the product of individual dimensions. This would erroneously cast after the multiplication and consequently fail to detect possible violations when overflow occurs...

5.8AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 3:10 a.m.16 views

imageproc: Out-of-bounds read via NaN coordinates in bilinear/bicubic sampling

A bounds check was performed in floating points before a cast to the index passed to an unchecked access function. This checked considered NaN cases improperly, causing them to succeed the check instead of failing it. The floating point coordinate is under caller control by passing a selected...

5.9AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 3:3 a.m.19 views

imageproc has fragile bounds check when sampling from image

A read of pixels was coded as modifying coordinates to lie within the image bounds. It would calculate a coordinate by adding a constant to an input and taking the minimum of the resulting coordinate and 'dimension - 1'. This would not protect against malicious inputs that could overflow the...

5.9AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 3:2 a.m.19 views

ShellHub has cross-tenant IDOR in `GET /api/namespaces/:tenant` via API Key bypasses membership check

Summary GET /api/namespaces/:tenant returns the full namespace object — including the members list user IDs, e-mails, roles, settings, and device counts — to any caller authenticated by an API Key, for any tenant, regardless of the API Key's own tenant scope. The handler conditionally skips the...

6.5CVSS5.8AI score0.00308EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 2:59 a.m.18 views

hickory-proto vulnerable to CPU exhaustion during message encoding due to O(n²) name compression

During message encoding, hickory-proto's BinEncoder stores pointers to labels that are candidates for name compression in a Vec. The name compression logic then searches for matches with a linear scan. A malicious message with many records can both introduce many candidate labels, and invoke this...

5.3CVSS6.8AI score0.00801EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 2:59 a.m.24 views

hickory-proto: NSEC3 closest-encloser proof validation enters unbounded loop on cross-zone responses

The NSEC3 closest-encloser proof validation in hickory-proto's 0.25.0-alpha.3 ... 0.25.2 and hickory-net's 0.26.0-alpha.1 .. 0.26.0 DnssecDnsHandle walks from the QNAME up to the SOA owner name, building a list of candidate encloser names. The iterator used assumes the QNAME is a descendant of th...

5.8AI score
Exploits0References4Affected Software2
Github Security Blog
Github Security Blog
added 2026/05/07 2:57 a.m.9 views

Daptin's Session Management Vulnerability Leads to Insufficient Session Expiration After Password Change

Summary A session invalidation vulnerability exists in daptin's authentication system where JSON Web Tokens JWTs remain fully valid after a user changes their password. The JWT validation middleware CheckJWT only verifies token signature, expiry, issuer, and signing algorithm — it does not check...

5.9AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 2:38 a.m.13 views

Talos Linux has a local privilege escalation from untrusted workloads

Summary A vulnerability in the Linux kernel's algifaead subsystem CVE-2026-31431, "copy.fail" allows an unprivileged container workload to corrupt arbitrary file page-cache pages via the AFALG crypto interface and splice. On Talos Linux, this vulnerability can be chained into a complete node...

7.8CVSS8AI score0.96267EPSS
Exploits230References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 2:34 a.m.19 views

Kubetail has a Cross-Site WebSocket Hijacking issue that allows attacker to read Kubernetes logs from authenticated users

Summary Kubetail's dashboard exposes WebSocket endpoints that did not adequately validate the Origin header on connection upgrade. A malicious web page visited by a user with an active Kubetail session could open a WebSocket to the user's dashboard and read their Kubernetes logs in real time. Thi...

6.5CVSS5.8AI score0.0017EPSS
Exploits0References3Affected Software2
Github Security Blog
Github Security Blog
added 2026/05/07 2:24 a.m.15 views

Diffusers has a `trust_remote_code` bypass via `custom_pipeline` and local custom components

Background This vulnerability is found in the DiffusionPipeline.frompretrained flow, which is used to load a pipeline from the HuggingFace Hub. This function accepts an optional custompipeline keyword argument: the name of a Python file in the repo that contains a custom class inheriting from...

8.8CVSS5.9AI score0.00562EPSS
Exploits1References7Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 2:13 a.m.14 views

katalyst-koi: Session cookies can be replayed after user logout

Impact Admin session cookies were not invalidated when an admin user logged out. An attacker with access to a valid admin session cookie could continue to access admin functionality after logout, until the cookie expired or session secrets were rotated. This affects applications using Koi admin...

7.4CVSS5.8AI score0.00197EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 2:9 a.m.12 views

Free5GC UDM has Improper Input Validation and Generation of Error Messages Containing Sensitive Information

Summary The free5GC UDM component fails to validate the supi path parameter in six GET handlers of the nudm-sdm Subscriber Data Management service. An unauthenticated attacker can inject control characters into the SUPI parameter, causing UDM to forward a malformed request to UDR and return a 500...

8.7CVSS5.9AI score0.00324EPSS
Exploits1References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 2:7 a.m.16 views

go-ipld-prime's DAG-CBOR and DAG-JSON decoders have unbounded recursion depth

The DAG-CBOR and DAG-JSON decoders recurse on each nested map or list without a depth limit. A payload containing deeply nested collections causes the decoder to recurse once per level, growing the goroutine stack until the Go runtime terminates the process with a fatal stack overflow distinct fr...

6.2CVSS6AI score0.0012EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 2:6 a.m.33 views

CSS Parser: Improper Certificate Validation allows MITM injection of remote CSS content

Summary The CSS Parser gem does not validate HTTPS connections, allowing a Man-in-the-Middle MITM attacker to inject or modify CSS content when stylesheets are loaded via HTTPS. The connection is established with OpenSSL::SSL::VERIFYNONE, meaning any HTTPS certificate—even entirely untrusted—will...

5.8CVSS5.8AI score0.00146EPSS
Exploits0References7Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 1:58 a.m.12 views

Free5GC PCF: Missing authentication middleware in Npcf_SMPolicyControl allows access to SM policy handlers and disclosure of subscriber SUPI

Summary PCF NpcfSMPolicyControl missing authentication middleware allows unauthenticated access to SM policy handlers and disclosure of subscriber SUPI Details In NewServer, the smPolicyGroup route group is created and routes are applied without attaching the router authorization middleware. In...

8.2CVSS5.8AI score0.00323EPSS
Exploits1References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 1:56 a.m.43 views

ArgoCD ServerSideDiff is vulnerable to Kubernetes Secret Extraction

Summary There is a missing authorization and data-masking gap in Argo CD's ServerSideDiff endpoint that allows an attacker with read-only access to extract plaintext Kubernetes Secret data from etcd via the Kubernetes API server's Server-Side Apply dry-run mechanism. Details Argo CD masks Secret...

9.6CVSS5.8AI score0.00505EPSS
Exploits2References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 1:56 a.m.17 views

Free5GC AMF has Missing Concurrent NAS SMC Validation During NGAP Handover

Summary The AMF in Free5GC v4.2.1 does not enforce the concurrent security procedure rules defined in 3GPP TS 33.501 §6.9.5.1. The AMF does not check for ongoing N2 handover procedures before initiating a NAS Security Mode Command, and vice versa. This can lead to mismatches between NAS and AS...

5.4CVSS5.9AI score0.00251EPSS
Exploits1References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 1:54 a.m.23 views

rust-zserio has Unbounded Memory Allocation

Impact When deserializing arrays, strings or bytes blob types zserio first reads the size of the variable, and then allocates sufficient memory to load data. Since the size is always trusted this can be abused by creating a data file with a large size value, causing the zserio runtime to allocate...

5.8AI score
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 1:53 a.m.11 views

Free5GC AMF Bypasses UE Security Capabilities on NGAP PathSwitchRequest

Summary The AMF in Free5GC v4.2.1 does not verify the UE Security Capabilities received in NGAP PathSwitchRequest messages against its locally stored values, as mandated by 3GPP TS 33.501 §6.7.3.1. A malicious gNB can overwrite the AMF's stored UE security capabilities with arbitrary values, whic...

7.1CVSS5.9AI score0.00266EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 1:49 a.m.15 views

Aegra has cross-user run injection in /threads/{thread_id}/runs (IDOR)

Impact Aegra deployments running 0.9.0 through 0.9.6 with multiple authenticated users on a shared instance are vulnerable to a cross-tenant IDOR. Any authenticated user User A, given another user's threadid User B, can: - Execute graph runs against User B's thread via POST /threads/threadid/runs...

8.6CVSS6.1AI score0.00285EPSS
Exploits0References7Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 1:49 a.m.30 views

Kiota abstractions RedirectHandler leaks Cookie/Proxy-Authorization headers on cross-host redirect

Summary The RedirectHandler middleware in microsoft/kiota-java com.microsoft.kiota:microsoft-kiota-http-okHttp v1.9.0 and other Kiota libraries fails to strip sensitive HTTP headers when following 3xx redirects to a different host or scheme. This vulnerability is present in the RedirectHandlers...

7CVSS5.9AI score0.00505EPSS
Exploits0References3Affected Software5
Github Security Blog
Github Security Blog
added 2026/05/07 1:43 a.m.15 views

container: pf Rule Injection via Domain Name Argument in `container system dns create --localhost` Command

Product Name: container Github Link: https://github.com/apple/container Version: = 0.12.2 Summary The container system dns create --localhost command accepts a domainName argument and passes it unsanitized into the pf anchor file /etc/pf.anchors/com.apple.container as a comment in a rule line. A...

6AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 1:26 a.m.12 views

Fleet: Helm impersonation bypass of `RESTClientGetter` retains `cluster-admin` during template rendering

Impact Fleet's Helm deployer did not fully apply ServiceAccount impersonation in two code paths, allowing a tenant with git push access to a Fleet-monitored repository to read secrets from any namespace on every downstream cluster targeted by their GitRepo. Helm lookup bypass: The Helm template...

9.9CVSS5.8AI score0.00379EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 1:23 a.m.9 views

Rancher Extensions have arbitrary file access via path traversal

Impact A vulnerability has been identified in Rancher's Extensions where malicious code can be injected in Rancher through a path traversal in the compressedEndpoint field inside a UIPlugin deployment. A malicious UI extension could abuse that to: - Overwrite Rancher binaries or configuration to...

8.4CVSS5.7AI score0.00368EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 1:22 a.m.13 views

Amazon ECS Container Agent (Windows) is vulnerable to Information Disclosure

Summary Amazon Elastic Container Service Amazon ECS is a fully managed container orchestration service that enables customers to deploy, manage, and scale containerized applications. An issue exists where, under certain circumstances, improper input validation in the FSx Windows File Server volum...

5.9AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 1:15 a.m.13 views

Gotenberg allows Chromium URL conversion routes to read arbitrary files under /tmp via file:// scheme

Summary The /forms/chromium/convert/url and /forms/chromium/screenshot/url routes accept url=file:///tmp/... from anonymous callers. The default Chromium deny-list intentionally exempts file:///tmp/ so HTML/Markdown routes can load their own request-local assets, and those routes apply a...

5.9CVSS5.9AI score0.00251EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 1:15 a.m.17 views

Gotenberg vulnerable to unauthenticated SSRF via default deny-list bypass in downloadFrom and webhook

Summary The default deny-lists used by Gotenberg's downloadFrom feature and webhook feature are bypassable. Because the filter is regex-based and case-sensitive, an unauthenticated attacker can supply URLs such as http://::ffff:127.0.0.1:... and reach loopback or private HTTP services that the...

9.4CVSS5.8AI score0.00352EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 1:0 a.m.10 views

Gotenberg has an unauthenticated denial of service via echo.Context pool reuse in webhook async goroutine

Summary The webhook middleware spawns a goroutine that holds a reference to the request's echo.Context after the synchronous handler returns ErrAsyncProcess and Echo recycles the context back to its sync.Pool. When a concurrent request claims the recycled context, c.Reset clears the store. If the...

7.5CVSS5.9AI score0.00348EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 12:59 a.m.8 views

Gotenberg has arbitrary PDF read via stampExpression and watermarkExpression in merge, split, and convert routes

Summary Six conversion routes pdfengines/merge, pdfengines/split, libreoffice/convert, chromium/convert/url, chromium/convert/html, chromium/convert/markdown accept stampSource=pdf + stampExpression=/path and watermarkSource=pdf + watermarkExpression=/path from anonymous callers. The dedicated...

5.3CVSS5.9AI score0.00311EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 12:57 a.m.9 views

Gotenberg's DNS rebinding bypasses SSRF validation on Chromium URL conversion routes

Summary FilterOutboundURL resolves the hostname, checks the resolved IPs against the private-address deny-list, and returns only the error. It discards the resolved addresses. Chromium later performs its own DNS resolution when it navigates to the URL. An attacker who controls DNS for a hostname...

5.3CVSS5.8AI score0.00186EPSS
Exploits1References3Affected Software1
Total number of security vulnerabilities33227