imgproxy/imgproxy on GitHub
Fast and secure standalone server for resizing and converting remote images
CVE History
| CVE | Published | CVSS v2 | CVSS v3 |
|---|---|---|---|
| CVE-2023-30019 | 5.3 MEDIUM | N/A | |
| imgproxy <=3.14.0 is vulnerable to Server-Side Request Forgery (SSRF) due to a lack of sanitization of the imageURL parameter. | |||
| CVE-2023-1496 | 5.4 MEDIUM | N/A | |
| Cross-site Scripting (XSS) - Reflected in GitHub repository imgproxy/imgproxy prior to 3.14.0. | |||