CVE-2024-0403

Summary

Recipes version 1.5.10 allows arbitrary HTTP requests to be made

through the server. This is possible because the application is

vulnerable to SSRF.

Affected Software

VendorProductVersion RangeStatus
RecipesRecipes1.5.10affected

Weaknesses

  • CWE-918: CWE-918 Server-Side Request Forgery (SSRF)

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References