Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Mealie vulnerable to a GET-based SSRF in recipe image importer (GHSL-2023-227)
Vulnerability Description
Mealie is a self hosted recipe manager and meal planner. Prior to 1.4.0, the scrape_image function will retrieve an image based on a user-provided URL, however the provided URL is not validated to point to an external location and does not have any enforced rate limiting. The response from the Mealie server will also vary depending on whether or not the target file is an image, is not an image, or does not exist. Additionally, when a file is retrieved the file may remain stored on Mealie’s file system as original.jpg under the UUID of the recipe it was requested for. If the attacker has access to an admin account (e.g. the default changeme@example.com), this file can then be retrieved. Note that if Mealie is running in a development setting this could be leveraged by an attacker to retrieve any file that the Mealie server had downloaded in this fashion without the need for administrator access. This vulnerability is fixed in 1.4.0.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
Vulnerability Type
服务端请求伪造(SSRF)
Vulnerability Title
Mealie 安全漏洞
Vulnerability Description
Mealie是美国Hayden个人开发者的一个自托管的食谱管理器和膳食计划器。 Mealie 1.4.0之前版本存在安全漏洞,该漏洞源于scrape_image函数将根据用户提供的URL检索图像,但是所提供的URL未经过验证以指向外部位置,并且没有任何强制的速率限制。
CVSS Information
N/A
Vulnerability Type
N/A