CNNVD-202601-3005 Information

CNNVD ID

CNNVD-202601-3005

Related CVE

CVE-2026-23838

• CNNVD Published: 2026-01-19

Description (Chinese)

Tandoor Recipes是Tandoor Recipes开源的一个用于管理食谱、计划膳食、建立购物清单等等的应用程序。 Tandoor Recipes 23.05版本至26.05之前版本存在安全漏洞，该漏洞源于默认配置下数据库文件可能通过HTTP被外部访问，可能导致数据泄露。

Description (English)

Tandoor Recipes is an application for the management of recipes, the planning of meals, the creation of shopping lists, etc. There is a security loophole in the Tandoor Recipes 23.05 to 26.05, which stems from the fact that database files under the default configuration may be accessed externally through HTTP, which could lead to data leakage.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Tandoor Recipes

Published

2026-01-19

Last Modified

2026-02-24

References

https://github.com/NixOS/nixpkgs/pull/481140 https://github.com/NixOS/nixpkgs/issues/338339 https://github.com/NixOS/nixpkgs/pull/427845 https://github.com/NixOS/nixpkgs/security/advisories/GHSA-g8w3-p77x-mmxh https://access.redhat.com/security/cve/cve-2026-23838

Patch

https://github.com/NixOS/nixpkgs/tags