Every CVE whose affected-product data names Mealie Project Mealie, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2022-34613 — CVSS 9.8 (critical): Mealie 1.0.0beta3 contains an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted file.
CVE-2022-34625 — CVSS 7.2 (high): Mealie1.0.0beta3 was discovered to contain a Server-Side Template Injection vulnerability, which allows attackers to execute arbitrary code…
CVE-2022-34618 — CVSS 5.4 (medium): A stored cross-site scripting (XSS) vulnerability in Mealie 1.0.0beta3 allows attackers to execute arbitrary web scripts or HTML via a…
CVE-2022-34619 — CVSS 5.4 (medium): A stored cross-site scripting (XSS) vulnerability in Mealie v0.5.5 allows attackers to execute arbitrary web scripts or HTML via a crafted…