DescriptionwkhtmlTOpdf 0.12.6 is vulnerable to SSRF which allows an attacker to get initial access into the target's system by injecting iframe tag with initial asset IP address on it's source. This allows the attacker to takeover the whole infrastructure by accessing their internal assets.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
wkhtmltopdf (PTS)bullseye0.12.6-1vulnerable
sid, trixie, bookworm0.12.6-2vulnerable

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs

By design, wkhtmltopdf retrieves external resources. If it is employed inside
a protected network in an automated way, a malicious actor may access internal
resources. A user of wkhtmltopdf should restrict such access.

Search for package or bug name: Reporting problems