Lucene search

GitHub Advisory DatabaseGHSA-2647-C639-QV2J

HistoryMar 08, 2022 - 12:00 a.m.

Server-Side Request Forgery in calibreweb

2022-03-0800:00:31

CWE-918

GitHub Advisory Database

github.com

calibreweb

ssrf

vulnerability

software

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.002

Percentile

62.1%

JSON

calibreweb prior to version 0.6.17 is vulnerable to server-side request forgery (SSRF). This is due to an incomplete fix for CVE-2022-0339. The blacklist does not check for 0.0.0.0, which would result in a payload of 0.0.0.0 resolving to localhost.

Affected configurations

Vulners

Node

calibrewebRange<0.6.17

VendorProductVersionCPE
*calibreweb*cpe:2.3:a:*:calibreweb:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
*	calibreweb	*	cpe:2.3:a::calibreweb::::::::*

References

github.com/advisories/GHSA-2647-c639-qv2j

github.com/janeczku/calibre-web/commit/965352c8d96c9eae7a6867ff76b0db137d04b0b8

huntr.dev/bounties/7f2a5bb4-e6c7-4b6a-b8eb-face9e3add7b

nvd.nist.gov/vuln/detail/CVE-2022-0766

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.002

Percentile

62.1%

JSON

Related for GHSA-2647-C639-QV2J