AI Score
Confidence
High
EPSS
Percentile
73.7%
In Gotenberg through 6.2.1, insecure permissions for tini (writable by user gotenberg) potentially allow an attacker to overwrite the file, which can lead to denial of service or code execution.
packetstormsecurity.com/files/160744/Gotenberg-6.2.0-Traversal-Code-Execution-Insecure-Permissions.html
github.com/thecodingmachine/gotenberg/issues/199