Lucene search
HistoryAug 04, 2022 - 9:15 a.m.
CVE-2022-2651
cve-2022-2651
weakness
github repository
bookwyrm prior to 0.4.5
authentication bypass
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.119
Percentile
95.4%
Authentication Bypass by Primary Weakness in GitHub repository bookwyrm-social/bookwyrm prior to 0.4.5.
Affected configurations
Node
joinbookwyrmbookwyrmRange<0.4.5
| Vendor | Product | Version | CPE |
|---|---|---|---|
| joinbookwyrm | bookwyrm | * | cpe:2.3:a:joinbookwyrm:bookwyrm:*:*:*:*:*:*:*:* |
Related
osv
osv
CVE-2022-2651
2022-08-04 09:15:08
cvelist
cvelist
packetstorm
packetstorm
Bookwyrm 0.4.3 Authentication Bypass
2022-09-20 00:00:00
huntr
huntr
Email Verification Bypass Leads To Account Takeover
2022-07-12 07:07:55
exploitdb
exploitdb
Bookwyrm v0.4.3 - Authentication Bypass
2022-09-20 00:00:00
prion
prion
Authentication flaw
2022-08-04 09:15:00
zdt
zdt
Bookwyrm v0.4.3 - Authentication Bypass Vulnerability
2022-09-20 00:00:00
cve
cve
CVE-2022-2651
2022-08-04 09:15:08
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.119
Percentile
95.4%
Related for NVD:CVE-2022-2651