github.com/gotenberg/gotenberg/v8

CVE-2026-42597

CVE-2026-42597 is a medium-severity server-side request forgery (SSRF) vulnerability in github.com/gotenberg/gotenberg/v8 (go), affecting versions <= 8.31.0. It is fixed in 8.32.0.

Key facts

CVSS score: 5.9 (Medium)
Attack vector: Network
Issuing authority: GitHub Advisory Database
Affected package: github.com/gotenberg/gotenberg/v8
Fixed in: 8.32.0
Disclosed: 2026

Summary

The /forms/chromium/convert/url and /forms/chromium/screenshot/url routes accept url=file:///tmp/... from anonymous callers. The default Chromium deny-list intentionally exempts file:///tmp/ so HTML/Markdown routes can load their own request-local assets, and those routes apply a per-request AllowedFilePrefixes guard to scope the read. The URL routes never set AllowedFilePrefixes, so the scope guard silently skips. Alice enumerates /tmp/, walks Gotenberg's per-request working directories, and reads the raw source files of other in-flight conversions as rendered PDF output.

Details

The default deny-list regex at pkg/modules/chromium/chromium.go:449 uses a negative lookahead to exempt /tmp/:

pkg/gotenberg/outbound.go:185-187 short-circuits IP validation for non-HTTP schemes:

So any file:///tmp/... URL passes FilterOutboundURL cleanly.

The HTML route pairs the exemption with a per-request scope guard (pkg/modules/chromium/routes.go:518):

and the CDP Fetch.requestPaused handler enforces the scope (pkg/modules/chromium/events.go:65-78):

The len(options.allowedFilePrefixes) > 0 condition skips the entire enforcement block when the slice is empty. The URL route handler at pkg/modules/chromium/routes.go:406-448 (convertUrlRoute) never populates AllowedFilePrefixes. MandatoryString("url", &url) takes the form value without scheme validation and passes it to convertUrl → chromium.Pdf → Chromium navigation.

Gotenberg stores uploaded request assets at /tmp/<gotenberg-work-uuid>/<request-uuid>/<file-uuid>.<ext> (pkg/gotenberg/fs.go:64-65). Chromium renders the targeted file:// URL as a PDF and the response body returns to the caller.

Proof of Concept

Reproduction uses the stock Docker image with no auth: Python script. Alice attacks, Bob runs a slow legitimate conversion whose request directory stays alive long enough for Alice to locate it. waitDelay=15s stands in for any naturally slow convert (large DOCX, multi-page HTML with external fetches, LibreOffice rendering a complex spreadsheet):

Output against gotenberg 8.31.0:

file:///tmp/ directory enumeration works on every request, unconditionally. Cross-request content read depends on timing: Alice needs the victim's request dir alive when she walks to it. Long-running legitimate conversions (large inputs, external HTTP fetches, explicit waitDelay) widen the window from milliseconds to seconds.

Impact

An unauthenticated caller enumerates /tmp/ on the Gotenberg host and reads the raw source files of other users' conversion requests while those requests are in flight. Content types include uploaded HTML, Markdown, Office documents awaiting LibreOffice conversion, and output PDFs staged for webhook delivery. The rendered file returns to the attacker as a PDF. In a multi-tenant deployment where multiple users submit documents to the same Gotenberg instance, cross-tenant document exfiltration is possible whenever the attacker wins the timing race against a victim's request lifecycle. Directory enumeration itself (the work-UUID and per-request-UUID structure) is available regardless of timing.

The deny-list regex holds for paths outside /tmp/. file:///etc/passwd, file:///proc/self/environ, and similar targets return HTTP 403. The primitive is scoped to /tmp/, not arbitrary filesystem read.

Recommended Fix

Remove the len(options.allowedFilePrefixes) > 0 condition at pkg/modules/chromium/events.go:65 so URL routes block every file:// sub-resource by default:

Equivalent alternative: reject non-http/https schemes in the URL route handlers (convertUrlRoute, screenshotUrlRoute) before handing the URL to Chromium.

Found by aisafe.io
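Both fixes the advisory recommends, modelled in Go as an added example (this is not Gotenberg's own code): RejectNonHTTPScheme is the scheme check for the URL route handlers, FileScopeGuardFixed is the scope guard with the empty-slice skip removed, and FileScopeGuardVulnerable reproduces the pre-8.32.0 behaviour beside it for comparison. The function names and the sample request-directory prefix used in the test are assumptions.

```go
package main

import (
	"fmt"
	"net/url"
	"path"
	"strings"
)

// RejectNonHTTPScheme is the advisory's alternative fix: URL routes hand only
// http/https to Chromium. Hypothetical helper, not Gotenberg project code.
func RejectNonHTTPScheme(raw string) error {
	u, err := url.Parse(raw)
	if err != nil {
		return fmt.Errorf("invalid url: %w", err)
	}
	if u.Scheme == "http" || u.Scheme == "https" { // url.Parse lower-cases the scheme
		return nil
	}
	return fmt.Errorf("scheme %q is not allowed on URL routes", u.Scheme)
}

// FileScopeGuardFixed models the recommended fix for the Fetch.requestPaused
// scope guard: a file:// request passes only if its cleaned path sits under a
// request-local prefix, so an empty prefix list denies every file:// request.
func FileScopeGuardFixed(prefixes []string, fileURL string) bool {
	u, err := url.Parse(fileURL)
	if err != nil || u.Scheme != "file" {
		return false
	}
	clean := path.Clean(u.Path) // neutralise "../" before comparing prefixes
	for _, p := range prefixes {
		if strings.HasPrefix(clean, p) {
			return true
		}
	}
	return false
}

// FileScopeGuardVulnerable models the pre-8.32.0 behaviour: with no
// AllowedFilePrefixes set, the enforcement block is skipped entirely.
func FileScopeGuardVulnerable(prefixes []string, fileURL string) bool {
	return len(prefixes) == 0 || FileScopeGuardFixed(prefixes, fileURL)
}

func main() {
	fmt.Println(RejectNonHTTPScheme("file:///tmp/"))           // scheme "file" is not allowed on URL routes
	fmt.Println(FileScopeGuardVulnerable(nil, "file:///tmp/")) // true: guard skipped
	fmt.Println(FileScopeGuardFixed(nil, "file:///tmp/"))      // false: denied by default
}
```

The HTML/Markdown routes keep working under the fixed guard because they populate the prefix list; only the URL routes, which never set it, change from allow-all to deny-all.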

Impact

What is server-side request forgery (SSRF)?

Untrusted input controls the target URL of a server-initiated request, which may reach internal services not otherwise accessible from outside. Typical impact: access to internal metadata services, internal APIs, or cloud credentials.

Severity and exposure

CVE-2026-42597 has a CVSS score of 5.9 (Medium). The vector is network-reachable, no privileges required, and no user interaction. A CVSS score reflects the worst-case severity of the vulnerability, not your specific exposure. Whether this affects your application depends on whether the vulnerable code is present and reachable in your environment.

A fixed version is available (8.32.0). Upgrading removes the vulnerable code path.

Affected versions

go

  • github.com/gotenberg/gotenberg/v8 (<= 8.31.0)

Security releases

  • github.com/gotenberg/gotenberg/v8 → 8.32.0 (go)

Kodem intelligence

Severity tells you how bad this could be in the worst case. It does not tell you whether you are exposed. Exploitability and impact are functions of runtime truth: whether the vulnerable code is present, reachable, and actually executes in your application. A vulnerable package can sit in your dependency tree and never run.

Kodem, an Intelligent Application Security platform, uses runtime intelligence to reveal which vulnerabilities actually execute in production, so teams prioritize the ones that genuinely matter instead of chasing every advisory.

Kodem's runtime-powered SCA identifies whether CVE-2026-42597 is reachable in your applications. Explore open-source security for your team.

Remediation advice

Upgrade github.com/gotenberg/gotenberg/v8 to 8.32.0 or later to resolve this vulnerability.

Kodem Kai can prioritize this vulnerability in your dependency tree and generate a fix recommendation.

Frequently asked questions about CVE-2026-42597

What is CVE-2026-42597?

CVE-2026-42597 is a medium-severity server-side request forgery (SSRF) vulnerability in github.com/gotenberg/gotenberg/v8 (go), affecting versions <= 8.31.0. It is fixed in 8.32.0. Untrusted input controls the target URL of a server-initiated request, which may reach internal services not otherwise accessible from outside.

How severe is CVE-2026-42597?

CVE-2026-42597 has a CVSS score of 5.9 (Medium). This score reflects the worst-case severity of the vulnerability, not your specific exposure. Whether it represents real risk in your environment depends on whether the vulnerable code is present and reachable.

Which versions of github.com/gotenberg/gotenberg/v8 are affected by CVE-2026-42597?

github.com/gotenberg/gotenberg/v8 (go) versions <= 8.31.0 are affected.

Is there a fix for CVE-2026-42597?

Yes. CVE-2026-42597 is fixed in 8.32.0. Upgrade to this version or later.

Is CVE-2026-42597 exploitable, and should I be worried?

Whether CVE-2026-42597 is exploitable in your environment depends on whether the vulnerable code is present and reachable. A CVSS score is a worst-case rating; it does not account for your specific deployment, configuration, or usage patterns. Kodem, an Intelligent Application Security platform, uses runtime intelligence to show which vulnerabilities actually execute in production, so you can focus on the ones that represent real risk.

What actually determines whether CVE-2026-42597 is exploitable, and how bad it is?

Exploitability and impact are not fixed properties of a CVE. They depend on runtime truth: whether the vulnerable code is present, reachable, and actually executes in your application. A high CVSS score on a dependency that never runs is not the same as real risk. Kodem, an Intelligent Application Security platform, uses runtime intelligence to reveal which vulnerabilities actually execute in production, so teams prioritize the ones that genuinely matter.

How do I fix CVE-2026-42597?

Upgrade github.com/gotenberg/gotenberg/v8 to 8.32.0 or later.
