CVE-2024-31993 | Mealie up to 1.3.x scrape_image server-side request forgery (GHSL-2023-225)

Posted by Angelo Barbosa | Apr 19, 2024 | CVE

A vulnerability was found in Mealie up to 1.3.x and classified as problematic. Affected by this issue is the function scrape_image. The manipulation leads to server-side request forgery.

This vulnerability is handled as CVE-2024-31993. The attack can only be initiated within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-31993 | Mealie up to 1.3.x scrape_image server-side request forgery (GHSL-2023-225)

Related Posts

CVE-2024-42059 | Zyxel ATP/USG FLEX/USG FLEX 50(W)/USG20(W)-VPN up to 5.38 FTP os command injection

CVE-2024-24815 | CKeditor4 up to 4.23.x HTML Parsing Module cross site scripting (GHSA-fq6h-4g8v-qqvm)

CVE-2023-5372 | Zyxel NAS326/NAS542 URL os command injection

CVE-2024-27021 | Linux Kernel up to 6.8.7/6.9-rc3 r8169 devm_led_classdev_register deadlock (53d986f39acd/19fa4f2a85d7)