VDB
KO

GO-2026-5324

Gotenberg: Server-Side Request Forgery via Chromium URL Endpoint with Redirect-Based Deny-List Bypass in github.com/gotenberg/gotenberg

Details

Gotenberg: Server-Side Request Forgery via Chromium URL Endpoint with Redirect-Based Deny-List Bypass in github.com/gotenberg/gotenberg

Are you affected?

Enter the version of the package you're using.

Affected packages

Go / github.com/gotenberg/gotenberg/v7
Introduced in: 0

No fixed version published yet for github.com/gotenberg/gotenberg/v7 (go modules). Pin to a known-safe version or switch to an alternative.

Go / github.com/gotenberg/gotenberg/v8
Introduced in: 0 Fixed in: 8.32.0
Fix go get github.com/gotenberg/gotenberg/v8@v8.32.0

References