CVE-2021-23345

Publication date

2021-02-26 17:20:17

Family

snyk

State

PUBLISHED

Description

All versions of package github.com/thecodingmachine/gotenberg are vulnerable to Server-side Request Forgery (SSRF) via the /convert/html endpoint when the src attribute of an HTML element refers to an internal system file, such as .</p> </div> </div> </div> </div> </div> </div> </div> <footer> <div class="container py-4 py-lg-10"> <hr> <div class="text-muted d-flex justify-content-between align-items-center pt-3" style="text-align: center;"> <p class="mb-10"><center>Copyright © 2026 eXtreme Hosting</center></p> <p class="mb-10"><center><a href="/gdpr/">Privacy Policy GDPR/AVG</a> | <a href="/algemene-voorwaarden/">Algemene voorwaarden</a></center></p> </div> </div> </footer> <script src="/template/assets/bootstrap/js/bootstrap.min.js"></script> <script src="/template/assets/js/startup-modern.js"></script> </body> </html><img style="display: none;" src="https://telemetry.extremehosting.nl/Analy/?api=0C44A78F-C43E-4700-990A-0F40CE4B4A51&dtt=1746954019&urr=https://extremehosting.nl/cve/cve-details/CVE-2021-23345" />