Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.18.
References
Link | Resource |
---|---|
https://github.com/janeczku/calibre-web/commit/4545f4a20d9ff90b99bbd4e3e34b6de4441d6367 | Patch Third Party Advisory |
https://huntr.dev/bounties/768fd7e2-a767-4d8d-a517-e9dda849c6e4 | Exploit Issue Tracking Patch Third Party Advisory |
Configurations
History
11 Apr 2022, 17:30
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:calibre-web_project:calibre-web:*:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : 7.5
v3 : 9.9 |
References | (MISC) https://github.com/janeczku/calibre-web/commit/4545f4a20d9ff90b99bbd4e3e34b6de4441d6367 - Patch, Third Party Advisory | |
References | (CONFIRM) https://huntr.dev/bounties/768fd7e2-a767-4d8d-a517-e9dda849c6e4 - Exploit, Issue Tracking, Patch, Third Party Advisory |
04 Apr 2022, 11:45
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-04-04 10:15
Updated : 2024-02-04 22:29
NVD link : CVE-2022-0939
Mitre link : CVE-2022-0939
CVE.ORG link : CVE-2022-0939
JSON object : View
Products Affected
calibre-web_project
- calibre-web
CWE
CWE-918
Server-Side Request Forgery (SSRF)