Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Tandoor Recipes — `amount`/`unit` bypass serializer in `food/{id}/shopping/`
Vulnerability Description
Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Prior to 2.6.4, the POST /api/food/{id}/shopping/ endpoint reads amount and unit directly from request.data and passes them without validation to ShoppingListEntry.objects.create(). Invalid amount values (non-numeric strings) cause an unhandled exception and HTTP 500. A unit ID from a different Space can be associated cross-space, leaking foreign-key references across tenant boundaries. All other endpoints creating ShoppingListEntry use ShoppingListEntrySerializer, which validates and sanitizes these fields. This vulnerability is fixed in 2.6.4.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
通过用户控制密钥绕过授权机制
Vulnerability Title
Tandoor Recipes 安全漏洞
Vulnerability Description
Tandoor Recipes是Tandoor Recipes开源的一个用于管理食谱、计划膳食、建立购物清单等等的应用程序。 Tandoor Recipes 2.6.4之前版本存在安全漏洞,该漏洞源于POST /api/food/{id}/shopping/端点直接从request.data读取amount和unit,并在未经验证的情况下将其传递给ShoppingListEntry.objects.create,可能导致无效的amount值(非数字字符串)引发未处理的异常和HTTP 500,以及来自不同S
CVSS Information
N/A
Vulnerability Type
N/A