In Gotenberg up to and including 6.2.1, insecure permissions for tini (writable by user gotenberg) potentially allow an malicious user to overwrite the file, which can lead to denial of service or code execution.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
thecodingmachine gotenberg |