Mealie 安全漏洞

Mealie is a self-hosted recipe manager and meal planner by an individual developer in Hayden, USA. A security vulnerability exists in Mealie v2.2.0 that stems from improper object-level authorization...

CVE-2024-31992 Mealie contains a DoS vulnerability in recipe importer

Mealie is a self hosted recipe manager and meal planner. Prior to 1.4.0, the safescrapehtml function utilizes a user-controlled URL to issue a request to a remote server, however these requests are not rate-limited. While there are efforts to prevent DDoS by implementing a timeout on requests, it...