Unrated severityNVD Advisory· Published Feb 26, 2021· Updated Sep 16, 2024
Server-side Request Forgery (SSRF)
CVE-2021-23345
Description
All versions of package github.com/thecodingmachine/gotenberg are vulnerable to Server-side Request Forgery (SSRF) via the /convert/html endpoint when the src attribute of an HTML element refers to an internal system file, such as .
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- github.com/thecodingmachine/gotenbergdescription
Patches
Vulnerability mechanics
References
2- github.com/thecodingmachine/gotenberg/issues/261mitrex_refsource_MISC
- snyk.io/vuln/SNYK-GOLANG-GITHUBCOMTHECODINGMACHINEGOTENBERG-1062043mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.