Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Tag: thecodingmachine Clear
ID Title
CVE-2026-42597 Vulnerability in github.com/gotenberg/gotenberg/v8 (CVE-2026-42597)
vulnerability in github.com/gotenberg/gotenberg/v8 (CVE-2026-42597). Confidential information can be exposed externally. Exploitable via ``AllowedFilePrefixes``. Mitigation: upgrade to `8.32.0` or later.
CVE-2026-42590 Vulnerability in github.com/gotenberg/gotenberg/v8 (CVE-2026-42590)
vulnerability in github.com/gotenberg/gotenberg/v8 (CVE-2026-42590). Data can be tampered with by attackers. Exploitable via ``FileName``.
CVE-2026-42591 SSRF (Server-Side Request Forgery) in github.com/gotenberg/gotenberg/v8 (CVE-2026-42591)
SSRF in github.com/gotenberg/gotenberg/v8 (CVE-2026-42591). Confidential information can be exposed externally. Exploitable via `GET /GOTENBERG_SSRF`.
CVE-2026-42592 Vulnerability in github.com/gotenberg/gotenberg/v8 (CVE-2026-42592)
vulnerability in github.com/gotenberg/gotenberg/v8 (CVE-2026-42592). Risk of unauthorized operations or information disclosure. Exploitable via ``FilterOutboundURL``.
CVE-2026-42593 Path Traversal in github.com/gotenberg/gotenberg/v8 (CVE-2026-42593)
path traversal in github.com/gotenberg/gotenberg/v8 (CVE-2026-42593). Risk of unauthorized operations or information disclosure. Exploitable via ``stamp``.
CVE-2026-42594 Vulnerability in github.com/gotenberg/gotenberg/v8 (CVE-2026-42594)
vulnerability in github.com/gotenberg/gotenberg/v8 (CVE-2026-42594). Risk of unauthorized operations or information disclosure. Exploitable via `GET /version`. Mitigation: upgrade to `8.32.0` or later.
CVE-2026-42596 SSRF (Server-Side Request Forgery) in github.com/gotenberg/gotenberg/v8 (CVE-2026-42596)
SSRF in github.com/gotenberg/gotenberg/v8 (CVE-2026-42596). Confidential information can be exposed externally. Exploitable via `POST /upload`. Mitigation: upgrade to `8.32.0` or later.
CVE-2026-42589 OS Command Injection in github.com/gotenberg/gotenberg/v8 (CVE-2026-42589)
OS command injection in github.com/gotenberg/gotenberg/v8 (CVE-2026-42589). Successful exploitation can lead to full system takeover. Exploitable via ``dangerousTags``.
CVE-2026-40893 Vulnerability in github.com/gotenberg/gotenberg/v8 (CVE-2026-40893)
vulnerability in github.com/gotenberg/gotenberg/v8 (CVE-2026-40893). Data can be tampered with by attackers. Exploitable via ``FileName``.
CVE-2026-42595 SSRF (Server-Side Request Forgery) in github.com/gotenberg/gotenberg/v8 (CVE-2026-42595)
SSRF in github.com/gotenberg/gotenberg/v8 (CVE-2026-42595). Confidential information can be exposed externally. Exploitable via ``downloadFrom``. Mitigation: upgrade to `8.32.0` or later.
CVE-2026-39383 SSRF (Server-Side Request Forgery) in github.com/gotenberg/gotenberg/v8 (CVE-2026-39383)
SSRF in github.com/gotenberg/gotenberg/v8 (CVE-2026-39383). Confidential information can be exposed externally. Exploitable via ``FilterDeadline``. Mitigation: upgrade to `8.31.0` or later.
CVE-2026-40280 SSRF (Server-Side Request Forgery) in github.com/gotenberg/gotenberg/v8 (CVE-2026-40280)
SSRF in github.com/gotenberg/gotenberg/v8 (CVE-2026-40280). Confidential information can be exposed externally. Exploitable via ``downloadFrom``. Mitigation: upgrade to `8.31.0` or later.
CVE-2026-40281 Vulnerability in github.com/gotenberg/gotenberg/v8 (CVE-2026-40281)
vulnerability in github.com/gotenberg/gotenberg/v8 (CVE-2026-40281). Data can be tampered with by attackers. Exploitable via ``WriteMetadata``. Mitigation: upgrade to `8.31.0` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →