Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-42597 |
|
Vulnerability in github.com/gotenberg/gotenberg/v8 (CVE-2026-42597)
vulnerability in github.com/gotenberg/gotenberg/v8 (CVE-2026-42597). Confidential information can be exposed externally. Exploitable via ``AllowedFilePrefixes``. Mitigation: upgrade to `8.32.0` or later.
|
| CVE-2026-42590 |
|
Vulnerability in github.com/gotenberg/gotenberg/v8 (CVE-2026-42590)
vulnerability in github.com/gotenberg/gotenberg/v8 (CVE-2026-42590). Data can be tampered with by attackers. Exploitable via ``FileName``.
|
| CVE-2026-42591 |
|
SSRF (Server-Side Request Forgery) in github.com/gotenberg/gotenberg/v8 (CVE-2026-42591)
SSRF in github.com/gotenberg/gotenberg/v8 (CVE-2026-42591). Confidential information can be exposed externally. Exploitable via `GET /GOTENBERG_SSRF`.
|
| CVE-2026-42592 |
|
Vulnerability in github.com/gotenberg/gotenberg/v8 (CVE-2026-42592)
vulnerability in github.com/gotenberg/gotenberg/v8 (CVE-2026-42592). Risk of unauthorized operations or information disclosure. Exploitable via ``FilterOutboundURL``.
|
| CVE-2026-42593 |
|
Path Traversal in github.com/gotenberg/gotenberg/v8 (CVE-2026-42593)
path traversal in github.com/gotenberg/gotenberg/v8 (CVE-2026-42593). Risk of unauthorized operations or information disclosure. Exploitable via ``stamp``.
|
| CVE-2026-42594 |
|
Vulnerability in github.com/gotenberg/gotenberg/v8 (CVE-2026-42594)
vulnerability in github.com/gotenberg/gotenberg/v8 (CVE-2026-42594). Risk of unauthorized operations or information disclosure. Exploitable via `GET /version`. Mitigation: upgrade to `8.32.0` or later.
|
| CVE-2026-42596 |
|
SSRF (Server-Side Request Forgery) in github.com/gotenberg/gotenberg/v8 (CVE-2026-42596)
SSRF in github.com/gotenberg/gotenberg/v8 (CVE-2026-42596). Confidential information can be exposed externally. Exploitable via `POST /upload`. Mitigation: upgrade to `8.32.0` or later.
|
| CVE-2026-42589 |
|
OS Command Injection in github.com/gotenberg/gotenberg/v8 (CVE-2026-42589)
OS command injection in github.com/gotenberg/gotenberg/v8 (CVE-2026-42589). Successful exploitation can lead to full system takeover. Exploitable via ``dangerousTags``.
|
| CVE-2026-40893 |
|
Vulnerability in github.com/gotenberg/gotenberg/v8 (CVE-2026-40893)
vulnerability in github.com/gotenberg/gotenberg/v8 (CVE-2026-40893). Data can be tampered with by attackers. Exploitable via ``FileName``.
|
| CVE-2026-42595 |
|
SSRF (Server-Side Request Forgery) in github.com/gotenberg/gotenberg/v8 (CVE-2026-42595)
SSRF in github.com/gotenberg/gotenberg/v8 (CVE-2026-42595). Confidential information can be exposed externally. Exploitable via ``downloadFrom``. Mitigation: upgrade to `8.32.0` or later.
|
| CVE-2026-39383 |
|
SSRF (Server-Side Request Forgery) in github.com/gotenberg/gotenberg/v8 (CVE-2026-39383)
SSRF in github.com/gotenberg/gotenberg/v8 (CVE-2026-39383). Confidential information can be exposed externally. Exploitable via ``FilterDeadline``. Mitigation: upgrade to `8.31.0` or later.
|
| CVE-2026-40280 |
|
SSRF (Server-Side Request Forgery) in github.com/gotenberg/gotenberg/v8 (CVE-2026-40280)
SSRF in github.com/gotenberg/gotenberg/v8 (CVE-2026-40280). Confidential information can be exposed externally. Exploitable via ``downloadFrom``. Mitigation: upgrade to `8.31.0` or later.
|
| CVE-2026-40281 |
|
Vulnerability in github.com/gotenberg/gotenberg/v8 (CVE-2026-40281)
vulnerability in github.com/gotenberg/gotenberg/v8 (CVE-2026-40281). Data can be tampered with by attackers. Exploitable via ``WriteMetadata``. Mitigation: upgrade to `8.31.0` or later.
|