Lucene search

PRIOn knowledge basePRION:CVE-2022-34613

HistoryAug 02, 2022 - 3:15 p.m.

Design/Logic Flaw

2022-08-0215:15:00

PRIOn knowledge base

www.prio-n.com

mealie 1.0.0beta3

arbitrary file upload

vulnerability

execute code

crafted file

nvd

9.5 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

77.9%

Mealie 1.0.0beta3 contains an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted file.

CPENameOperatorVersion
mealieeq1.0.0 beta3

CPE	Name	Operator	Version
	mealie	eq	1.0.0 beta3

References

cwe.mitre.org/data/definitions/79.html

docs.mealie.io/changelog/v0.5.6/

gainsec.com/2022/08/02/cve-2022-34613-cve-2022-34618-cve-2022-34619-xss-file-upload-and-more/

hub.docker.com/r/hkotel/mealie