CVE-2021-23345 - OpenCVE

All versions of package github.com/thecodingmachine/gotenberg are vulnerable to Server-side Request Forgery (SSRF) via the /convert/html endpoint when the src attribute of an HTML element refers to an internal system file, such as <iframe src='file:///etc/passwd'>.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Thecodingmachine	Gotenberg

Configuration 1 [-]

cpe:2.3:a:thecodingmachine:gotenberg:*:*:*:*:*:*:*:*

References

Link	Resource
https://github.com/thecodingmachine/gotenberg/issues/261	Exploit Third Party Advisory
https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMTHECODINGMACHINEGOTENBERG-1062043	Exploit Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: snyk

Published: 2021-02-26T00:00:00

Updated: 2021-02-26T17:20:17

Reserved: 2021-01-08T00:00:00

Link: CVE-2021-23345

JSON object: View

NVD Information

Status : Analyzed

Published: 2021-02-26T18:15:12.330

Modified: 2021-03-09T13:30:44.367

Link: CVE-2021-23345

JSON object: View

Redhat Information

No data.

CWE

CWE-918

{"containers": {"cna": {"affected": [{"product": "github.com/thecodingmachine/gotenberg", "vendor": "n/a", "versions": [{"lessThan": "unspecified", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Elavon Payments (@etsms)"}], "datePublic": "2021-02-26T00:00:00", "descriptions": [{"lang": "en", "value": "All versions of package github.com/thecodingmachine/gotenberg are vulnerable to Server-side Request Forgery (SSRF) via the /convert/html endpoint when the src attribute of an HTML element refers to an internal system file, such as <iframe src='file:///etc/passwd'>."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"description": "Server-side Request Forgery (SSRF)", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-02-26T17:20:17", "orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "shortName": "snyk"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMTHECODINGMACHINEGOTENBERG-1062043"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/thecodingmachine/gotenberg/issues/261"}], "title": "Server-side Request Forgery (SSRF)", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "report@snyk.io", "DATE_PUBLIC": "2021-02-26T17:18:15.389721Z", "ID": "CVE-2021-23345", "STATE": "PUBLIC", "TITLE": "Server-side Request Forgery (SSRF)"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "github.com/thecodingmachine/gotenberg", "version": {"version_data": [{"version_affected": ">=", "version_value": "0"}]}}]}, "vendor_name": "n/a"}]}}, "credit": [{"lang": "eng", "value": "Elavon Payments (@etsms)"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "All versions of package github.com/thecodingmachine/gotenberg are vulnerable to Server-side Request Forgery (SSRF) via the /convert/html endpoint when the src attribute of an HTML element refers to an internal system file, such as <iframe src='file:///etc/passwd'>."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Server-side Request Forgery (SSRF)"}]}]}, "references": {"reference_data": [{"name": "https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMTHECODINGMACHINEGOTENBERG-1062043", "refsource": "MISC", "url": "https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMTHECODINGMACHINEGOTENBERG-1062043"}, {"name": "https://github.com/thecodingmachine/gotenberg/issues/261", "refsource": "MISC", "url": "https://github.com/thecodingmachine/gotenberg/issues/261"}]}}}}, "cveMetadata": {"assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "assignerShortName": "snyk", "cveId": "CVE-2021-23345", "datePublished": "2021-02-26T00:00:00", "dateReserved": "2021-01-08T00:00:00", "dateUpdated": "2021-02-26T17:20:17", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:thecodingmachine:gotenberg:*:*:*:*:*:*:*:*", "matchCriteriaId": "04B8DDEA-4AE8-45F2-9FF8-77E45DACD9A0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "All versions of package github.com/thecodingmachine/gotenberg are vulnerable to Server-side Request Forgery (SSRF) via the /convert/html endpoint when the src attribute of an HTML element refers to an internal system file, such as <iframe src='file:///etc/passwd'>."}, {"lang": "es", "value": "Todas las versiones del paquete github.com/thecodingmachine/gotenberg son vulnerables a un ataque de tipo Server-side Request Forgery (SSRF) por medio del endpoint /convert/html cuando el atributo src de un elemento HTML referencia a un archivo interno del sistema, como (iframe src=\"archivo:///etc/passwd\")"}], "id": "CVE-2021-23345", "lastModified": "2021-03-09T13:30:44.367", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "report@snyk.io", "type": "Secondary"}]}, "published": "2021-02-26T18:15:12.330", "references": [{"source": "report@snyk.io", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/thecodingmachine/gotenberg/issues/261"}, {"source": "report@snyk.io", "tags": ["Exploit", "Third Party Advisory"], "url": "https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMTHECODINGMACHINEGOTENBERG-1062043"}], "sourceIdentifier": "report@snyk.io", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-918"}], "source": "nvd@nist.gov", "type": "Primary"}]}