imgproxy <=3.14.0 is vulnerable to Server-Side Request Forgery (SSRF) due to a lack of sanitization of the imageURL parameter.
References
Link | Resource |
---|---|
https://breakandpray.com/cve-2023-30019-ssrf-in-imgproxy/ | Exploit Patch Third Party Advisory |
https://github.com/imgproxy/imgproxy | Product |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-05-08T00:00:00
Updated: 2023-05-08T00:00:00
Reserved: 2023-04-07T00:00:00
Link: CVE-2023-30019
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-05-08T15:15:11.087
Modified: 2023-05-16T19:33:22.923
Link: CVE-2023-30019
JSON object: View
Redhat Information
No data.
CWE