Lucene search
K

5 matches found

OSV
OSV
added 2026/06/29 11:50 a.m.6 views

PYSEC-2026-304 Server-Side Request Forgery in calibreweb

calibreweb prior to version 0.6.17 is vulnerable to server-side request forgery SSRF. This is due to an incomplete fix for CVE-2022-0339. The blacklist does not check for 0.0.0.0, which would result in a payload of 0.0.0.0 resolving to localhost...

9.8CVSS6.7AI score0.01284EPSS
Exploits1References6
OSV
OSV
added 2022/03/08 12:0 a.m.26 views

GHSA-2647-C639-QV2J Server-Side Request Forgery in calibreweb

calibreweb prior to version 0.6.17 is vulnerable to server-side request forgery SSRF. This is due to an incomplete fix for CVE-2022-0339. The blacklist does not check for 0.0.0.0, which would result in a payload of 0.0.0.0 resolving to localhost...

9.8CVSS9.4AI score0.01284EPSS
Exploits1References4
Circl
Circl
added 2022/02/28 7:25 a.m.6 views

CVE-2022-0339

creationtimestamp| type| source ---|---|--- 2022-02-28 07:25:18+00:00| seen| https://t.me/cibsecurity/36568...

9.8CVSS6.8AI score0.00954EPSS
Exploits1References1
CVE
CVE
added 2022/01/30 1:17 p.m.96 views

CVE-2022-0339

CVE-2022-0339 is a Server-Side Request Forgery (SSRF) flaw affecting calibreweb. The connected sources indicate calibreweb prior to version 0.6.16 is vulnerable, with references noting an incomplete fix for the CVE and a blacklist weakness (0.0.0.0) that could resolve to localhost. Several adviso...

9.8CVSS7.8AI score0.00954EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/01/30 1:17 p.m.35 views

CVE-2022-0339 Server-Side Request Forgery (SSRF) in janeczku/calibre-web

Server-Side Request Forgery SSRF in Pypi calibreweb prior to 0.6.16...

6.5CVSS9.7AI score0.00954EPSS
Exploits1References2
Rows per page
Query Builder