imgproxy is vulnerable to SSRF against 0.0.0.0

imgproxy is server for resizing, processing, and converting images. Imgproxy does not block the 0.0.0.0 address, even with IMGPROXY_ALLOW_LOOPBACK_SOURCE_ADDRESSES set to false. This can expose services on the local host. This vulnerability is fixed in 3.27.2.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

服务端请求伪造(SSRF)

imgproxy 代码问题漏洞

imgproxy是imgproxy个人开发者的用于调整和转换远程镜像的快速且安全的独立服务器。 imgproxy存在代码问题漏洞，该漏洞源于存在针对0.0.0.0的服务器端请求伪造漏洞。

N/A

N/A