Security Advisory

CVE-2024-29028

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-04-19 15:14:02

Last updated 2024-08-07 17:47:02

Assigner GitHub_M

State PUBLISHED

Description

memos is a privacy-first, lightweight note-taking service. In memos 0.13.2, an SSRF vulnerability exists at the /o/get/httpmeta that allows unauthenticated users to enumerate the internal network and receive limited html values in json form. This vulnerability is fixed in 0.16.1.

← Browse all CVEs View on cve.org ↗