Lucene search
@huntrdevCVE-2022-2651HistoryAug 04, 2022 - 9:15 a.m.
CVE-2022-2651
2022-08-0409:15:08
CWE-305
@huntrdev
web.nvd.nist.gov
45
9
cve-2022-2651
authentication bypass
github
bookwyrm
nvd
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.5
Confidence
High
EPSS
0.119
Percentile
95.4%
Authentication Bypass by Primary Weakness in GitHub repository bookwyrm-social/bookwyrm prior to 0.4.5.
Affected configurations
Node
joinbookwyrmbookwyrmRange<0.4.5
| Vendor | Product | Version | CPE |
|---|---|---|---|
| joinbookwyrm | bookwyrm | * | cpe:2.3:a:joinbookwyrm:bookwyrm:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"product": "bookwyrm-social/bookwyrm",
"vendor": "bookwyrm-social",
"versions": [
{
"lessThan": "0.4.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]References
Social References
More
Related
osv
osv
CVE-2022-2651
2022-08-04 09:15:08
cvelist
cvelist
packetstorm
packetstorm
Bookwyrm 0.4.3 Authentication Bypass
2022-09-20 00:00:00
nvd
nvd
CVE-2022-2651
2022-08-04 09:15:08
huntr
huntr
Email Verification Bypass Leads To Account Takeover
2022-07-12 07:07:55
exploitdb
exploitdb
Bookwyrm v0.4.3 - Authentication Bypass
2022-09-20 00:00:00
prion
prion
Authentication flaw
2022-08-04 09:15:00
zdt
zdt
Bookwyrm v0.4.3 - Authentication Bypass Vulnerability
2022-09-20 00:00:00
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.5
Confidence
High
EPSS
0.119
Percentile
95.4%
Related for CVE-2022-2651