CVE-2023-30019
on github
Published
Severity
CVSS v3:
5.3 MEDIUM
CVSS v2:
N/A
Description
imgproxy <=3.14.0 is vulnerable to Server-Side Request Forgery (SSRF) due to a lack of sanitization of the imageURL parameter.
References
Configurations
CPE23 | Version Start | Version End | Exact Version |
---|---|---|---|
cpe:2.3:a:evilmartians:imgproxy:*:*:*:*:*:*:*:* | n/a | 3.14.0 (including) | * |