Lucene search
HistoryAug 04, 2022 - 9:15 a.m.
CVE-2022-2651
cve-2022-2651
authentication bypass
github
bookwyrm
nvd
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.5 High
AI Score
Confidence
High
0.053 Low
EPSS
Percentile
93.1%
Authentication Bypass by Primary Weakness in GitHub repository bookwyrm-social/bookwyrm prior to 0.4.5.
Affected configurations
Node
joinbookwyrmbookwyrmRange<0.4.5
| CPE | Name | Operator | Version |
|---|---|---|---|
| joinbookwyrm:bookwyrm | joinbookwyrm bookwyrm | lt | 0.4.5 |
CNA Affected
[
{
"product": "bookwyrm-social/bookwyrm",
"vendor": "bookwyrm-social",
"versions": [
{
"lessThan": "0.4.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]References
Social References
More
Related
osv
osv
CVE-2022-2651
2022-08-04 09:15:08
cvelist
cvelist
nvd
nvd
CVE-2022-2651
2022-08-04 09:15:08
packetstorm
packetstorm
Bookwyrm 0.4.3 Authentication Bypass
2022-09-20 00:00:00
prion
prion
Authentication flaw
2022-08-04 09:15:00
zdt
zdt
Bookwyrm v0.4.3 - Authentication Bypass Vulnerability
2022-09-20 00:00:00
huntr
huntr
Email Verification Bypass Leads To Account Takeover
2022-07-12 07:07:55
exploitdb
exploitdb
Bookwyrm v0.4.3 - Authentication Bypass
2022-09-20 00:00:00
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.5 High
AI Score
Confidence
High
0.053 Low
EPSS
Percentile
93.1%
Related for CVE-2022-2651