Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 8:41 a.m.7 views

CVE-2022-0767

Server-Side Request Forgery SSRF in GitHub repository janeczku/calibre-web prior to 0.6.17...

9.9CVSS6.7AI score0.00962EPSS
Exploits1References1
Huntr
Huntr
added 2022/03/09 7:6 p.m.78 views

Server-Side Request Forgery (SSRF)

Description The fixes for CVE-2022-0767 & CVE-2022-0766 only address loopback/localhost IP addresses, this is an issue as other internal endpoints may be accessible to an attacker one of the most popular examples is 169.254.169.254 which is the AWS metadata address Proof of Concept The same as...

6.4CVSS2.7AI score0.01316EPSS
Exploits3
Cvelist
Cvelist
added 2022/03/07 7:5 a.m.19 views

CVE-2022-0767 Server-Side Request Forgery (SSRF) in janeczku/calibre-web

Server-Side Request Forgery SSRF in GitHub repository janeczku/calibre-web prior to 0.6.17...

9.1CVSS9.8AI score0.00962EPSS
Exploits1References2
CVE
CVE
added 2022/03/07 7:5 a.m.129 views

CVE-2022-0767

The CVE-2022-0767 entry describes a Server-Side Request Forgery (SSRF) in janeczku/calibre-web, prior to version 0.6.17. Connected sources indicate the root cause is incomplete SSRF protection that can be bypassed via HTTP redirects to internal endpoints (e.g., localhost); some analyses also note...

9.9CVSS9.5AI score0.00962EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2022/03/07 7:5 a.m.13 views

CVE-2022-0767 Server-Side Request Forgery (SSRF) in janeczku/calibre-web

Server-Side Request Forgery SSRF in GitHub repository janeczku/calibre-web prior to 0.6.17...

9.1CVSS9.2AI score0.00962EPSS
Exploits1References4
Rows per page
Query Builder