CVE-2022-0339: Server-Side Request Forgery in calibreweb
calibreweb prior to version 0.6.16 contains a Server-Side Request Forgery (SSRF) vulnerability.
References
- github.com/advisories/GHSA-4w8p-x6g8-fv64
- github.com/janeczku/calibre-web
- github.com/janeczku/calibre-web/commit/35f6f4c727c887f8f3607fe3233dbc1980d15020
- github.com/janeczku/calibre-web/commit/3b216bfa07ec7992eff03e55d61732af6df9bb92
- github.com/janeczku/calibre-web/releases/tag/0.6.16
- github.com/pypa/advisory-database/tree/main/vulns/calibreweb/PYSEC-2022-23.yaml
- huntr.dev/bounties/499688c4-6ac4-4047-a868-7922c3eab369
- nvd.nist.gov/vuln/detail/CVE-2022-0339