PT-2024-36472 · Unknown · Stirling-Pdf

Summerxxoo · Published 2024-12-19 · Updated 2025-01-02 · CVE-2024-55082

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Stirling-PDF version 0.35.1

Description: A Server-Side Request Forgery (SSRF) issue in the "http://{your-server}/url-to-pdf" endpoint of Stirling-PDF allows attackers to obtain sensitive, confidential information via a crafted request.

Recommendations: For Stirling-PDF version 0.35.1, as a temporary workaround, consider restricting access to the "http://{your-server}/url-to-pdf" endpoint until a patch is available. Avoid using this endpoint with untrusted input to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

SSRF

Weakness Enumeration

Related Identifiers: CVE-2024-55082

Affected Products: Stirling-Pdf