Vulnerability title
Mealie vulnerable to a denial of service (DoS) in the recipe image importer (GHSL-2023-228)
Vulnerability description
Mealie is a self-hosted recipe manager and meal planner. Prior to version 1.4.0, an attacker can point the image request at an arbitrarily large file, and Mealie will attempt to retrieve that file in whole. If the file can be retrieved, it may be stored on the file system in its entirety (possibly consuming the disk), but the more likely outcome, given typical resource limits, is that the container is killed with an out-of-memory (OOM) error during retrieval when the target file is larger than the memory allocated to the container. At best this forces the container to restart indefinitely on OOM (if it is configured that way in `docker-compose.yml`); at worst it forces the Mealie container to crash and remain offline. If the file can be retrieved, the lack of rate limiting on this endpoint also lets an attacker send a continuous stream of requests to any target of their choice, which can contribute to a denial-of-service (DoS) attack against an external service. This vulnerability was fixed in version 1.4.0.
CVSS information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability category
Allocation of Resources Without Limits or Throttling
Vulnerability title
Mealie vulnerable to a DoS in recipe image importer (GHSL-2023-228)
Vulnerability description
Mealie is a self-hosted recipe manager and meal planner. Prior to 1.4.0, an attacker can point the image request to an arbitrarily large file. Mealie will attempt to retrieve this file in whole. If it can be retrieved, it may be stored on the file system in whole (leading to possible disk consumption); however, the more likely scenario given resource limitations is that the container will OOM during file retrieval if the target file size is greater than the allocated memory of the container. At best this can be used to force the container to restart indefinitely due to OOM (if so configured in `docker-compose.yml`), or at worst this can be used to force the Mealie container to crash and remain offline. In the event that the file can be retrieved, the lack of rate limiting on this endpoint also permits an attacker to generate ongoing requests to any target of their choice, potentially contributing to an external-facing DoS attack. This vulnerability is fixed in 1.4.0.
CVSS information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Vulnerability category
Uncontrolled Resource Consumption (Resource Exhaustion)
Vulnerability title
Mealie security vulnerability
Vulnerability description
Mealie is a self-hosted recipe manager and meal planner by the individual developer Hayden in the United States. Versions of Mealie prior to 1.4.0 contain a security vulnerability that stems from a lack of rate limiting on an endpoint, which allows an attacker to generate continuous requests to any target of their choice and so cause a denial of service.
CVSS information
N/A
Vulnerability category
Other
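The three records above describe the same two weaknesses: the importer reads a remote image body into memory with no size cap, and the endpoint that triggers the fetch has no rate limit. The following is an added example, not Mealie's own code and not the upstream fix; it shows the unbounded read pattern beside a hardened fetch that enforces a byte cap both on the declared Content-Length and while streaming (so a missing or lying header cannot bypass it), plus a per-client token bucket. `MAX_IMAGE_BYTES`, `CHUNK_SIZE`, `StubResponse` and the limiter parameters are assumptions chosen for illustration; the stub response stands in for an HTTP client so the example runs offline.

```python
"""Bounded remote-image fetch and a per-client rate limiter.

Added example for the Mealie GHSL-2023-228 advisory. It is not Mealie's
code; the cap, chunk size and StubResponse are assumptions so it runs offline.
"""
import itertools
import time
from collections import defaultdict
from typing import Iterable, Iterator, Mapping, Optional

MAX_IMAGE_BYTES = 8 * 1024 * 1024  # assumed cap: 8 MiB per imported image
CHUNK_SIZE = 64 * 1024             # assumed streaming chunk size


class ImageTooLarge(Exception):
    """Raised when a remote body exceeds MAX_IMAGE_BYTES."""


class StubResponse:
    """Constructed stand-in for an HTTP response object.

    `body` is any iterable of byte chunks, so an endless iterator models an
    attacker-controlled, effectively infinite file. `chunks_read` records how
    much of the body a fetcher actually consumed.
    """

    def __init__(self, body: Iterable[bytes], headers: Optional[Mapping[str, str]] = None):
        self._body = iter(body)
        self.headers = dict(headers or {})
        self.chunks_read = 0

    def iter_content(self, chunk_size: int = CHUNK_SIZE) -> Iterator[bytes]:
        for chunk in self._body:
            self.chunks_read += 1
            yield chunk


def fetch_image_unbounded(resp) -> bytes:
    """The pre-1.4.0 pattern: read the whole body into memory, whatever its size.

    Against an endless body this never returns; against a multi-GB file the
    buffer grows until the container is OOM-killed.
    """
    return b"".join(resp.iter_content(CHUNK_SIZE))


def fetch_image_bounded(resp, max_bytes: int = MAX_IMAGE_BYTES) -> bytes:
    """Hardened form: reject early on Content-Length, then keep enforcing the
    cap while streaming so a missing or false header cannot bypass it."""
    declared = resp.headers.get("Content-Length")
    if declared is not None and declared.isdigit() and int(declared) > max_bytes:
        raise ImageTooLarge(f"Content-Length {declared} exceeds {max_bytes}")
    buf = bytearray()
    for chunk in resp.iter_content(CHUNK_SIZE):
        buf.extend(chunk)
        if len(buf) > max_bytes:
            raise ImageTooLarge(f"body exceeded {max_bytes} bytes while streaming")
    return bytes(buf)


class TokenBucket:
    """Per-client token bucket; `clock` is injectable so tests are deterministic."""

    def __init__(self, rate_per_sec: float, burst: int, clock=time.monotonic):
        self.rate = rate_per_sec
        self.burst = burst
        self.clock = clock
        self._tokens = defaultdict(lambda: float(burst))
        self._last = {}

    def allow(self, client: str) -> bool:
        """Return True and consume one token if `client` still has budget."""
        now = self.clock()
        elapsed = now - self._last.get(client, now)
        self._tokens[client] = min(self.burst, self._tokens[client] + elapsed * self.rate)
        self._last[client] = now
        if self._tokens[client] >= 1.0:
            self._tokens[client] -= 1.0
            return True
        return False


def demo() -> dict:
    """Run the bounded fetcher against an endless body, an oversized
    Content-Length, and a small legitimate image (all constructed inputs)."""
    endless = StubResponse(itertools.repeat(b"\0" * CHUNK_SIZE))  # no Content-Length
    try:
        fetch_image_bounded(endless)
        endless_outcome = "accepted"
    except ImageTooLarge:
        endless_outcome = "rejected"
    oversized = StubResponse([b"\0"], {"Content-Length": str(MAX_IMAGE_BYTES + 1)})
    try:
        fetch_image_bounded(oversized)
        oversized_outcome = "accepted"
    except ImageTooLarge:
        oversized_outcome = "rejected"
    small = StubResponse([b"\x89PNG" + b"\0" * 100], {"Content-Length": "104"})
    return {
        "endless": endless_outcome,
        "endless_chunks": endless.chunks_read,      # stops right after the cap
        "oversized": oversized_outcome,
        "oversized_chunks": oversized.chunks_read,  # rejected before any read
        "small_len": len(fetch_image_bounded(small)),
    }


if __name__ == "__main__":
    print(demo())
```

The streaming check matters more than the header check: a server the attacker controls can omit Content-Length or send a small value with a chunked body, so the cap has to be enforced on bytes actually received. The token bucket addresses the second point in the advisory; in a real deployment it would be keyed by the authenticated user or client address and applied to the import endpoint before any outbound request is made.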