Bookwyrm Security Vulnerabilities and Issues — Bookwyrm CVE List

Lucene search

JoinbookwyrmBookwyrm

3 matches found

CVE•added 2022/08/04 9:15 a.m.•60 views

CVE-2022-2651

Authentication Bypass by Primary Weakness in GitHub repository bookwyrm-social/bookwyrm prior to 0.4.5.

9.8CVSS9.6AI score0.00647EPSS

CVE•added 2022/08/12 9:15 p.m.•57 views

CVE-2022-35953

BookWyrm is a social network for tracking your reading, talking about books, writing reviews, and discovering what to read next. Some links in BookWyrm may be vulnerable to tabnabbing, a form of phishing that gives attackers an opportunity to redirect a user to a malicious site. The issue was patch...

7.1CVSS6.2AI score0.00074EPSS

CVE•added 2022/08/02 9:15 p.m.•51 views

CVE-2022-35925

BookWyrm is a social network for tracking reading. Versions prior to 0.4.5 were found to lack rate limiting on authentication views which allows brute-force attacks. This issue has been patched in version 0.4.5. Admins with existing instances will need to update their nginx.conf file that was creat...

9.8CVSS7.6AI score0.0006EPSS