- Description
- Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. A Jinja2 SSTI vulnerability allows any user to execute commands on the server. In the case of the provided Docker Compose file as root. This vulnerability is fixed in 1.5.24.
- Source
- security-advisories@github.com
- NVD status
- Received
CVSS 3.1
- Type
- Secondary
- Base score
- 9.9
- Impact score
- 6
- Exploitability score
- 3.1
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
- Severity
- CRITICAL
- security-advisories@github.com
- CWE-1336
- Hype score
- Not currently trending
CVE-2025-23211 Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. A Jinja2 SSTI vulnerability allows any user to execute commands o… https://t.co/NCl619r1G0
@CVEnew
28 Jan 2025
321 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-23211: CRITICAL] "Beware! Tandoor Recipes app had a Jinja2 SSTI vulnerability allowing users to run commands on the server. Update to version 1.5.24 to fix this cyber security flaw."#cybersecurity,#vulnerability https://t.co/UcittXt7a6 https://t.co/wk7IcXpomD
@CveFindCom
28 Jan 2025
34 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes