Metrics
Affected Vendors & Products
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
Mon, 29 Sep 2025 18:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:2.3:a:grocy_project:grocy:*:*:*:*:*:*:*:* |
Mon, 06 Jan 2025 22:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Mon, 06 Jan 2025 21:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
cvssV3_1
|
Mon, 06 Jan 2025 20:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Grocy through 4.2.0 allows remote attackers to obtain sensitive information via direct requests to pages that are not shown in the UI, such as calendar and recipes. | Grocy through 4.3.0 allows remote attackers to obtain sensitive information via direct requests to pages that are not shown in the UI, such as calendar and recipes. |
Weaknesses | CWE-425 |
Mon, 06 Jan 2025 20:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Grocy through 4.2.0 allows remote attackers to obtain sensitive information via direct requests to pages that are not shown in the UI, such as calendar and recipes. | |
References |
|

Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2025-01-06T21:13:15.565Z
Reserved: 2024-12-06T00:00:00
Link: CVE-2024-55075

Updated: 2025-01-06T21:13:07.548Z

Status : Analyzed
Published: 2025-01-06T21:15:14.970
Modified: 2025-09-29T17:47:24.730
Link: CVE-2024-55075

No data.

Updated: 2025-07-12T15:42:27Z