Lucene search

[email protected]NVD:CVE-2024-29029

HistoryApr 19, 2024 - 4:15 p.m.

CVE-2024-29029

2024-04-1916:15:09

CWE-79

CWE-918

[email protected]

web.nvd.nist.gov

ssrf

xss

memos

0.13.2

vulnerability

unauthenticated users

internal network

reflected

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

0.001 Low

EPSS

Percentile

26.5%

JSON

memos is a privacy-first, lightweight note-taking service. In memos 0.13.2, an SSRF vulnerability exists at the /o/get/image that allows unauthenticated users to enumerate the internal network and retrieve images. The response from the image request is then copied into the response of the current server request, causing a reflected XSS vulnerability.

References

github.com/usememos/memos/blob/06dbd8731161245444f4b50f4f9ed267f7c3cf63/api/v1/http_getter.go#L29

github.com/usememos/memos/commit/bbd206e8930281eb040cc8c549641455892b9eb5

securitylab.github.com/advisories/GHSL-2023-154_GHSL-2023-156_memos/

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

0.001 Low

EPSS

Percentile

26.5%

JSON

Related for NVD:CVE-2024-29029

osv1 veracode1 cve1 cvelist1