Server-Side Request Forgery (SSRF) in gotenberg - CVE-2026-42595
Published: May 5, 2026
gotenberg
Detailed vulnerability description
The vulnerability allows a remote attacker to disclose sensitive information from internal network resources.
The vulnerability exists due to server-side request forgery in the Chromium URL conversion endpoint when processing user-supplied URLs and following redirects. A remote attacker can submit a crafted URL to make the server fetch internal HTTP or HTTPS resources and disclose sensitive information from internal network resources.
The issue affects the /forms/chromium/convert/url endpoint, and redirects to internal destinations are followed without re-validating the redirect target.