CVE-2021-23345 – All versions of package github.com/thecodingmachine/gotenberg are vulnerable to Server-sid …

26 February 2021

Vuln ID: CVE-2021-23345

Published: 2021-02-26 18:15:12Z

Description: All versions of package github.com/thecodingmachine/gotenberg are vulnerable to Server-side Request Forgery (SSRF) via the /convert/html endpoint when the src attribute of an HTML element refers to an internal system file, such as <iframe src=’file:///etc/passwd’>.

Source: NVD.NIST.GOV

Date:

26 February 2021

Categorie(s):

NVD

Tag(s):

NVD

Rubrik sets IPO price at $32 per share on $5.6B valuation ahead of NYSE debut25 April 2024
Governments issue alerts after ‘sophisticated’ state-backed actor found exploiting flaws in Cisco security boxes24 April 2024
Smashing Security podcast #369: Keeping the lights on after a ransomware attack24 April 2024
5G Hackathons – Casey Ellis – BTS #2824 April 2024
CoralRaider leverages CDN cache domains in new infostealer campaign24 April 2024