These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.
Gotenberg versions prior to 8.32.0 contain a path traversal vulnerability in the URL-based conversion and screenshot routes. The `/forms/chromium/convert/url` and `/forms/chromium/screenshot/url` endpoints accept `url=file:///tmp/...` from unauthenticated callers. While Gotenberg's default Chromium deny-list intentionally exempts `file:///tmp/` to support HTML/Markdown routes loading request-local assets, [truncated]
A race condition in Gotenberg's webhook middleware allows unauthenticated remote attackers to crash the service. The vulnerability stems from improper handling of Echo's context lifecycle: after a synchronous handler returns ErrAsyncProcess, the webhook middleware spawns a goroutine that retains a reference to the request's echo.Context. Echo recycles this context to its sync.Pool, and when a concurrent r [truncated]
Gotenberg versions prior to 8.32.0 contain a path traversal vulnerability in PDF processing endpoints. Six API routes—pdfengines/merge, pdfengines/split, libreoffice/convert, and three chromium/convert variants—accept stampSource=pdf and watermarkSource=pdf parameters paired with user-controlled stampExpression and watermarkExpression paths. When no file is uploaded, these routes fail to sanitize the expr [truncated]
A time-of-check to time-of-use (TOCTOU) vulnerability in Gotenberg's URL filtering allows DNS rebinding attacks against internal services. The FilterOutboundURL function performs initial DNS resolution and IP validation, but discards resolved addresses. Chromium subsequently performs its own DNS resolution when navigating, creating a window where an attacker controlling DNS with short TTL records can retu [truncated]
CVE-2026-42590 affects Gotenberg before 8.30.0. A metadata-write blocklist in the ExifTool integration can be bypassed using ExifTool group-prefix syntax, and some pseudo-tags were not blocked at all. The result is unauthorized file manipulation on the server, with integrity impact and limited availability impact.
CVE-2026-40893 is a high-severity vulnerability in Gotenberg, a Docker-powered stateless API for PDF files. The issue stems from an incomplete validation of ExifTool metadata tags. Prior to version 8.31.0, Gotenberg only checked for an exact match of the tag name `FileName`, allowing the variant `System:FileName` to bypass validation. ExifTool would then process this tag, enabling remote attackers to move [truncated]