CVE-2024-31993 | Mealie up to 1.3.x scrape_image server-side request forgery (GHSL-2023-225)

Posted by Angelo Barbosa | Apr 19, 2024 | CVE

A vulnerability was found in Mealie up to 1.3.x and classified as problematic. Affected by this issue is the function scrape_image. The manipulation leads to server-side request forgery.

This vulnerability is handled as CVE-2024-31993. The attack can only be initiated within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-31993 | Mealie up to 1.3.x scrape_image server-side request forgery (GHSL-2023-225)

Related Posts

CVE-2024-7988 | Rockwell ThinManager ThinServer unrestricted upload (ZDI-24-1158)

CVE-2024-7426 | PeepSo Community Plugin up to 6.4.6.0 on WordPress information disclosure

CVE-2023-49140 | Jtekt Electronics GC-A22W-CW Packets denial of service

CVE-2022-45352 | Muffingroup Betheme Plugin up to 26.6.1 on WordPress authorization