Imgproxy

imgproxy

Vendor: Evilmartians • 2 CVEs

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-30019 1Evilmartians 1Imgproxy Jan 29, 2025 May 8, 2023 N/A· v4 5.3 MEDIUM· v3 N/A· v2 imgproxy <=3.14.0 is vulnerable to Server-Side Request Forgery (SSRF) due to a lack of sanitization of the imageURL parameter.
CVE-2023-1496 1Evilmartians 1Imgproxy Nov 21, 2024 Mar 19, 2023 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Cross-site Scripting (XSS) - Reflected in GitHub repository imgproxy/imgproxy prior to 3.14.0.