Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Rembg allows SSRF via /api/remove
Vulnerability Description
Rembg is a tool to remove images background. In Rembg 2.0.57 and earlier, the /api/remove endpoint takes a URL query parameter that allows an image to be fetched, processed and returned. An attacker may be able to query this endpoint to view pictures hosted on the internal network of the rembg server. This issue may lead to Information Disclosure.
CVSS Information
N/A
Vulnerability Type
服务端请求伪造(SSRF)
Vulnerability Title
Rembg 代码问题漏洞
Vulnerability Description
Rembg是Daniel Gatis个人开发者的一个删除图像背景的工具。 Rembg 2.0.57及之前版本存在代码问题漏洞,该漏洞源于/api/remove端点允许获取、处理和返回图像,可能导致信息泄露。
CVSS Information
N/A
Vulnerability Type
N/A