CVE-2022-0767 – calibreweb
Package
Manager: pip
Name: calibreweb
Vulnerable Version: >=0 <0.6.17
Severity
Level: Critical
CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:H/SI:H/SA:H
EPSS: 0.00197 (percentile 0.41843)
Details
Server-Side Request Forgery in calibreweb
calibreweb prior to version 0.6.17 is vulnerable to server-side request forgery (SSRF). This is a result of incomplete SSRF protection that can be bypassed via an HTTP redirect. An HTTP server set up to respond with a 302 redirect may redirect a request to `localhost`.
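The weakness described here is a destination check applied only to the URL the client supplied, so a 302 from an external host can steer the fetch onto loopback. The following added example (not calibre-web's code) contrasts that incomplete check with one that re-validates every hop of the redirect chain; the DNS table, hostnames and redirect chain are constructed so it runs offline.

```python
import ipaddress
import socket
import urllib.error
import urllib.request
from urllib.parse import urlparse


def resolve_system(hostname):
    """Resolve with the system resolver; IP literals pass straight through."""
    try:
        return {ipaddress.ip_address(hostname)}
    except ValueError:
        return {ipaddress.ip_address(i[4][0]) for i in socket.getaddrinfo(hostname, None)}


def is_internal_url(url, resolve=resolve_system):
    """True when the host resolves to any non-public address; unresolvable hosts fail closed."""
    host = urlparse(url).hostname
    if not host:
        return True
    try:
        addrs = resolve(host)
    except (socket.gaierror, ValueError):
        return True
    return not all(a.is_global and not a.is_multicast for a in addrs)


def naive_allowed(chain, resolve=resolve_system):
    """Models the incomplete protection: only the client-supplied URL is inspected."""
    return not is_internal_url(chain[0], resolve)


def hardened_allowed(chain, resolve=resolve_system):
    """Every hop, including the final Location target, must be a public address."""
    return all(not is_internal_url(u, resolve) for u in chain)


class RedirectGuard(urllib.request.HTTPRedirectHandler):
    """urllib handler that re-checks each Location header before following it."""

    def redirect_request(self, req, fp, code, msg, headers, newurl):
        if is_internal_url(newurl):
            raise urllib.error.HTTPError(newurl, code, "redirect to internal host refused", headers, fp)
        return super().redirect_request(req, fp, code, msg, headers, newurl)


# Constructed DNS table (hypothetical hosts) so the demonstration needs no network.
FAKE_DNS = {"covers.example.com": "1.2.3.4", "localhost": "127.0.0.1"}
fake_resolve = lambda h: {ipaddress.ip_address(FAKE_DNS.get(h, h))}

# Constructed redirect chain: an external first hop whose 302 lands on loopback.
CHAIN = ["https://covers.example.com/cover.jpg", "http://localhost:8083/admin"]

if __name__ == "__main__":
    print("initial-URL-only check allows fetch:", naive_allowed(CHAIN, fake_resolve))
    print("per-hop check allows fetch:", hardened_allowed(CHAIN, fake_resolve))
```

Installing `RedirectGuard` via `urllib.request.build_opener(RedirectGuard)` applies the per-hop check to real fetches; the module-level functions show the same logic on the constructed chain.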
Metadata
Created: 2022-03-08T00:00:31Z
Modified: 2022-03-15T21:52:59Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/03/GHSA-h65g-jfqg-2w6m/GHSA-h65g-jfqg-2w6m.json
CWE IDs: ["CWE-918"]
Alternative ID: GHSA-h65g-jfqg-2w6m
Finding: F100
Auto approve: 1