CVE-2023-30019

imgproxy/imgproxy

on github

Published

May 8, 2023

Severity

CVSS v3:

5.3 MEDIUM

CVSS v2:

N/A

Description

imgproxy <=3.14.0 is vulnerable to Server-Side Request Forgery (SSRF) due to a lack of sanitization of the imageURL parameter.

References

Configurations

CPE23	Version Start	Version End	Exact Version
cpe:2.3:a:evilmartians:imgproxy::::::::	n/a	3.14.0 (including)	*

External Links

NVD - CVE-2023-30019