Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Tandoor Recipes Affected by Denial of Service via Recipe Import
Vulnerability Description
Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Prior to 2.6.5, a critical Denial of Service (DoS) vulnerability was in the recipe import functionality. This vulnerability allows an authenticated user to crash the server or make a significantly degrade its performance by uploading a large size ZIP file (ZIP Bomb). This vulnerability is fixed in 2.6.5.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
对高度压缩数据的处理不恰当(数据放大攻击)
Vulnerability Title
Tandoor Recipes 安全漏洞
Vulnerability Description
Tandoor Recipes是Tandoor Recipes开源的一个用于管理食谱、计划膳食、建立购物清单等等的应用程序。 Tandoor Recipes 2.6.5之前版本存在安全漏洞,该漏洞源于食谱导入功能存在缺陷,可能导致上传大型ZIP文件时引发拒绝服务攻击。
CVSS Information
N/A
Vulnerability Type
N/A