Lucene search

CVE-2022-4803

🗓️ 28 Dec 2022 14:10:15Reported by @huntrdevType

CVE-2022-4803 Authorization Bypass in GitHub repo usememos/memo

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 11
Prion	Authorization	28 Dec 202214:15	–	prion
Veracode	Improper Access Control	2 Jan 202314:52	–	veracode
RedhatCVE	CVE-2022-4803	5 Feb 202520:20	–	redhatcve
NVD	CVE-2022-4803	28 Dec 202214:15	–	nvd
Huntr	Get all file in resource of any user and Delete any file of any user via IDOR	26 Dec 202207:36	–	huntr
Cvelist	CVE-2022-4803 Authorization Bypass Through User-Controlled Key in usememos/memos	28 Dec 202200:00	–	cvelist
OSV	GO-2023-1291 usememos/memos Improper Access Control vulnerability in github.com/usememos/memos	20 Aug 202420:25	–	osv
OSV	CVE-2022-4803	28 Dec 202214:15	–	osv
OSV	GHSA-MFMP-8MQG-Q4WM usememos/memos Improper Access Control vulnerability	28 Dec 202215:30	–	osv
Vulnrichment	CVE-2022-4803 Authorization Bypass Through User-Controlled Key in usememos/memos	28 Dec 202200:00	–	vulnrichment

Nvd

Node

usememos memosRange<0.9.1

[
  {
    "vendor": "usememos",
    "product": "usememos/memos",
    "versions": [
      {
        "version": "unspecified",
        "lessThan": "0.9.1",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
github	www.github.com/usememos/memos/commit/3556ae4e651d9443dc3bb8a170dd3cc726517a53
huntr	www.huntr.dev/bounties/0fba72b9-db10-4d9f-a707-2acf2004a286

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

28 Dec 2022 14:15Current

8.4High risk

Vulners AI Score8.4

CVSS38.1 - 8.8

EPSS0.00066

SSVC

CWE-639