6 matches found
CVE-2022-0766
Server-Side Request Forgery SSRF in GitHub repository janeczku/calibre-web prior to 0.6.17...
Server-Side Request Forgery (SSRF)
Description The fixes for CVE-2022-0767 & CVE-2022-0766 only address loopback/localhost IP addresses, this is an issue as other internal endpoints may be accessible to an attacker one of the most popular examples is 169.254.169.254 which is the AWS metadata address Proof of Concept The same as...
CVE-2022-0766
Server-Side Request Forgery SSRF in GitHub repository janeczku/calibre-web prior to 0.6.17...
CVE-2022-0766
CVE-2022-0766 describes a Server-Side Request Forgery (SSRF) in the GitHub repository janeczku/calibre-web prior to version 0.6.17. The vulnerability arises from an incomplete fix for a prior issue, allowing an attacker to induce the vulnerable service to make requests to internal or external res...
CVE-2022-0766 Server-Side Request Forgery (SSRF) in janeczku/calibre-web
Server-Side Request Forgery SSRF in GitHub repository janeczku/calibre-web prior to 0.6.17...
CVE-2022-0766 Server-Side Request Forgery (SSRF) in janeczku/calibre-web
Server-Side Request Forgery SSRF in GitHub repository janeczku/calibre-web prior to 0.6.17...