CVE-2024-21527
Versions of the package github.com/gotenberg/gotenberg/v8/pkg/gotenberg before 8.1.0; versions of the package github.com/gotenberg/gotenberg/v8/pkg/modules/chromium before 8.1.0; versions of the package github.com/gotenberg/gotenberg/v8/pkg/modules/webhook before 8.1.0 are vulnerable to Server-side Request Forgery (SSRF) via the /convert/html endpoint when a request is made to a file via localhost, such as <iframe src="\\localhost/etc/passwd">. By exploiting this vulnerability, an attacker can achieve local file inclusion, allowing of sensitive files read on the host system. Workaround An alternative is using either or both --chromium-deny-list and --chromium-allow-list flags.
EPSS 0.12% · 30.9th percentile
Risk Scores
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | github.com/gotenberg/gotenberg/v8/pkg/modules/chromium | 0, 0 |
| gotenberg | gotenberg | 0, 0 |
| n/a | github.com/gotenberg/gotenberg/v8/pkg/modules/webhook | 0, 0 |
| n/a | github.com/gotenberg/gotenberg/v8/pkg/gotenberg | 0, 0 |
Exploit Intelligence
- CIRCL seen: CVE-2024-21527 (circl-sighting)
- CIRCL seen: CVE-2024-21527 (circl-sighting)
- https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGOTENBERGGOTENBERGV8PKGGOTENBERG-7537081 (circl)
- https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGOTENBERGGOTENBERGV8PKGMODULESCHROMIUM-7537082 (circl)
- https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGOTENBERGGOTENBERGV8PKGMODULESWEBHOOK-7537083 (circl)
- https://github.com/gotenberg/gotenberg/releases/tag/v8.1.0 (circl)
- https://github.com/gotenberg/gotenberg/commit/ad152e62e5124b673099a9103eb6e7f933771794 (circl)
- Gotenberg SSRF (osv)
Timeline
- Jan 20, 1970 GitHub Gist PoC
- Jul 19, 2024 EPSS Score
- Jul 19, 2024 CVE Published
- Jul 19, 2024 PoC Published
- Aug 10, 2024 EPSS Score
- Aug 31, 2024 EPSS Score
- Sep 22, 2024 EPSS Score
- Oct 4, 2024 Coalition ESS Score
- Oct 14, 2024 EPSS Score
- Nov 4, 2024 EPSS Score
- Nov 26, 2024 EPSS Score
- Dec 19, 2024 EPSS Score
References
- https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGOTENBERGGOTENBERGV8PKGGOTENBERG-7537081 url
- https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGOTENBERGGOTENBERGV8PKGMODULESCHROMIUM-7537082 url
- https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGOTENBERGGOTENBERGV8PKGMODULESWEBHOOK-7537083 url
- https://github.com/gotenberg/gotenberg/releases/tag/v8.1.0 url
- https://github.com/gotenberg/gotenberg/commit/ad152e62e5124b673099a9103eb6e7f933771794 url
- https://gist.github.com/filipochnik/bc88a3d1cc17c07cec391ee98e1e6356 url