Description
An SSRF vulnerability in Gotenberg through 6.2.1 exists in the remote URL to PDF conversion, which results in a remote attacker being able to read local files or fetch intranet resources.
References
- Issue Tracking, Third Party Advisory
- Patch, Third Party Advisory
- Release Notes, Third Party Advisory
- Issue Tracking, Third Party Advisory
- Patch, Third Party Advisory
- Release Notes, Third Party Advisory
Vulnerable configurations
Configuration 1: versions up to and including 6.2.1
cpe:2.3:a:thecodingmachine:gotenberg:*:*:*:*:*:*:*:*
EPSS: 0.00526 (Low), percentile: 66%
CVSS3: 7.5 High
CVSS2: 5 Medium
Weaknesses
CWE-918
Related vulnerabilities
GitHub
more than 3 years ago
An SSRF vulnerability in Gotenberg through 6.2.1 exists in the remote URL to PDF conversion, which results in a remote attacker being able to read local files or fetch intranet resources.