Lucene search
K

55 matches found

OSV
OSV
added 2024/08/20 8:29 p.m.12 views

GO-2023-1761 imgproxy is vulnerable to Server-Side Request Forgery in github.com/imgproxy/imgproxy

imgproxy is vulnerable to Server-Side Request Forgery in github.com/imgproxy/imgproxy...

5.3CVSS5.1AI score0.02214EPSS
Exploits1References5
OSV
OSV
added 2024/08/20 8:29 p.m.15 views

GO-2023-1651 imgproxy Cross-site Scripting vulnerability in github.com/imgproxy/imgproxy

imgproxy Cross-site Scripting vulnerability in github.com/imgproxy/imgproxy...

6.5CVSS5.4AI score0.01585EPSS
Exploits1References4
Veracode
Veracode
added 2023/05/11 4:24 a.m.25 views

Server-side Request Forgery (SSRF)

github.com/imgproxy/imgproxy is vulnerable to Server-Side Request Forgery SSRF. The vulnerability exists due to unsafe sanitation of the imageURL parameter, which allows an attacker to cause server-side request forgery...

5.3CVSS6.4AI score0.02214EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2023/05/08 3:30 p.m.21 views

GHSA-9X7H-GGC3-XG47 imgproxy is vulnerable to Server-Side Request Forgery

imgproxy prior to version 3.15.0 is vulnerable to Server-Side Request Forgery SSRF due to a lack of sanitization of the imageURL parameter...

5.3CVSS5.1AI score0.02214EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2023/05/08 3:30 p.m.98 views

imgproxy is vulnerable to Server-Side Request Forgery

imgproxy prior to version 3.15.0 is vulnerable to Server-Side Request Forgery SSRF due to a lack of sanitization of the imageURL parameter...

5.3CVSS6.4AI score0.02214EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2023/05/08 3:15 p.m.27 views

CVE-2023-30019

imgproxy =3.14.0 is vulnerable to Server-Side Request Forgery SSRF due to a lack of sanitization of the imageURL parameter...

5.3CVSS7.1AI score0.02214EPSS
Exploits1References2
NVD
NVD
added 2023/05/08 3:15 p.m.24 views

CVE-2023-30019

imgproxy =3.14.0 is vulnerable to Server-Side Request Forgery SSRF due to a lack of sanitization of the imageURL parameter...

5.3CVSS5.2AI score0.02214EPSS
Exploits1References2
Prion
Prion
added 2023/05/08 3:15 p.m.20 views

Server side request forgery (ssrf)

imgproxy =3.14.0 is vulnerable to Server-Side Request Forgery SSRF due to a lack of sanitization of the imageURL parameter...

5CVSS5.2AI score0.02214EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/05/08 12:0 a.m.7 views

CVE-2023-30019

imgproxy =3.14.0 is vulnerable to Server-Side Request Forgery SSRF due to a lack of sanitization of the imageURL parameter...

5.2AI score0.02214EPSS
Exploits1References2
CVE
CVE
added 2023/05/08 12:0 a.m.156 views

CVE-2023-30019

Imgproxy

5.3CVSS5.2AI score0.02214EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2023/05/08 12:0 a.m.7 views

imgproxy 代码问题漏洞

imgproxy is imgproxy individual developer's fast and secure standalone server for tweaking and converting remote images. A security vulnerability exists in imgproxy version 3.14.0 and earlier versions, which stems from a lack of cleanup of the imageURL parameter...

5.3CVSS5.7AI score0.02214EPSS
Exploits1References3
Cvelist
Cvelist
added 2023/05/08 12:0 a.m.29 views

CVE-2023-30019

imgproxy =3.14.0 is vulnerable to Server-Side Request Forgery SSRF due to a lack of sanitization of the imageURL parameter...

5.5AI score0.02214EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/05/08 12:0 a.m.3 views

PT-2023-22513 · Imgproxy · Imgproxy

Name of the Vulnerable Software and Affected Versions: imgproxy versions 3.14.0 and earlier imgproxy prior to version 3.15.0 Description: The issue is related to Server-Side Request Forgery SSRF due to a lack of sanitization of the imageURL parameter. This allows for potential exploitation...

5.3CVSS7.2AI score0.02214EPSS
Exploits1References9
Veracode
Veracode
added 2023/03/22 12:57 a.m.26 views

Cross-site Scripting (XSS)

github.com/imgproxy/imgproxy is vulnerable to Cross-site Scripting XSS. The vulnerability exists because the Satitize function in svg.go does not sanitize the use tags in SVG files, which allows an attacker to inject and execute malicious JavaScript...

5.4CVSS5.5AI score0.01585EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2023/03/19 6:30 p.m.30 views

imgproxy Cross-site Scripting vulnerability

Cross-site Scripting XSS - Reflected in GitHub repository imgproxy/imgproxy prior to 3.14.0...

6.5CVSS5.3AI score0.01585EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2023/03/19 6:30 p.m.81 views

GHSA-CH9G-X9J7-RCGP imgproxy Cross-site Scripting vulnerability

Cross-site Scripting XSS - Reflected in GitHub repository imgproxy/imgproxy prior to 3.14.0...

5.4CVSS5.3AI score0.01585EPSS
Exploits1References4
NVD
NVD
added 2023/03/19 5:15 p.m.49 views

CVE-2023-1496

Cross-site Scripting XSS - Reflected in GitHub repository imgproxy/imgproxy prior to 3.14.0...

6.5CVSS5.4AI score0.01585EPSS
Exploits1References2
Prion
Prion
added 2023/03/19 5:15 p.m.17 views

Cross site scripting

Cross-site Scripting XSS - Reflected in GitHub repository imgproxy/imgproxy prior to 3.14.0...

6.4CVSS5.3AI score0.01585EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/03/19 12:0 a.m.9 views

CVE-2023-1496 Cross-site Scripting (XSS) - Reflected in imgproxy/imgproxy

Cross-site Scripting XSS - Reflected in GitHub repository imgproxy/imgproxy prior to 3.14.0...

6.5CVSS5.3AI score0.01585EPSS
Exploits1References2
CNNVD
CNNVD
added 2023/03/19 12:0 a.m.28 views

imgproxy 跨站脚本漏洞

imgproxy is imgproxy individual developer's fast and secure standalone server for tweaking and converting remote mirrors. A cross-site scripting vulnerability exists in imgproxy versions prior to 3.14.0, which stems from the presence of reflected cross-site scripting XSS...

6.5CVSS5.8AI score0.01585EPSS
Exploits1References3
Rows per page
Query Builder