CVE-2024-29029

memos is a privacy-first, lightweight note-taking service. In memos 0.13.2, an SSRF vulnerability exists at the /o/get/image that allows unauthenticated users to enumerate the internal network and retrieve images. The response from the image request is then copied into the response of the current server request, causing a reflected XSS vulnerability. Version 0.22.0 of memos removes the vulnerable file.

Published: Apr 19, 2024
Updated: May 4, 2025
CVE: CVE-2024-29029
GHSA: GHSA-9cqm-mgv9-vv9j
Severity: Medium
Exploit:

CVSS v3:

Severity: Unknown
Score:
AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWEs:

CWE-79
CWE-918

OWASP TOP 10:

A7 - Cross-Site Scripting (XSS)

Affected Software
References

Software	From	Fixed in
github.com/usememos/memos	-	0.22.0
usememos / memos	-	0.22.0

https://github.com/usememos/memos/blob/06dbd8731161245444f4b50f4f9ed267f7c3cf63/api/v1/http_getter.go#L29
https://github.com/usememos/memos/commit/bbd206e8930281eb040cc8c549641455892b9eb5
https://securitylab.github.com/advisories/GHSL-2023-154_GHSL-2023-156_memos/

Vulnerability Database

CVE-2024-29029

Deep Security Visibility Without the Complexity