Drw0If

Name of the Vulnerable Software and Affected Versions Gotenberg versions 8.29.1 and earlier Description Gotenberg uses the `dlclark/regexp2` library to compile user-supplied scope patterns without a timeout. This allows users with access to features utilizing this logic to potentially hang workers indefinitely. Specifically, the `/forms/chromium/screenshot/url` API endpoint is vulnerable. Attackers can craft a malicious scope pattern within the `extraHttpHeaders` form field, using nested quantifiers that cause infinite backtracking (ReDoS), leading to a denial-of-service condition. The vulnerable code is located in gotenberg/pkg/modules/chromium/routes.go:200. Recommendations Gotenberg versions prior to 8.29.1 should be updated.