CVE-2024-31993 | Mealie up to 1.3.x scrape_image server-side request forgery (GHSL-2023-225)

Posted by Angelo Barbosa | Apr 19, 2024 | CVE

A vulnerability was found in Mealie up to 1.3.x and classified as problematic. Affected by this issue is the function scrape_image. The manipulation leads to server-side request forgery.

This vulnerability is handled as CVE-2024-31993. The attack can only be initiated within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-31993 | Mealie up to 1.3.x scrape_image server-side request forgery (GHSL-2023-225)

Related Posts

CVE-2024-2620 | Fujian Kelixin Communication Command and Dispatch Platform up to 20240318 api/client/down_file.php uuid sql injection

CVE-2024-6996 | Google Chrome up to 126.0.6478.182 Frames Privilege Escalation

CVE-2024-0129 | NVIDIA NeMo up to All versions r2.0.0rc0 Tar File Extraction SaveRestoreConnector path traversal

CVE-2023-51090 | Tenda M3 1.0.0.12(4856) formGetWeiXinConfig stack-based overflow