CVE-2022-0273
published 2022-01-30CVE-2022-0273: Improper Access Control in Pypi calibreweb prior to 0.6.16.
PriorityP335medium6.5CVSS 3.1
AVNACLPRLUINSUCNIHAN
EPSS
0.67%
47.3th percentile
Improper Access Control in Pypi calibreweb prior to 0.6.16.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| calibreweb | calibreweb | >= 0 < 0c0313f375bed7b035c8c0482bbb09599e16bfcf | 0c0313f375bed7b035c8c0482bbb09599e16bfcf |
| calibreweb | calibreweb | >= 0 < 0.6.16 | 0.6.16 |
| janeczku | calibre-web | < 0.6.16 | 0.6.16 |
| janeczku | janeczku_calibre-web | >= unspecified < 0.6.16 | 0.6.16 |
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
nvdv3.04.3MEDIUMCVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
nvdv2.04.0MEDIUMAV:N/AC:L/Au:S/C:N/I:P/A:N
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
Incorrect Authorization in calibreweb
osv·2022-01-31
CVE-2022-0273 [HIGH] Incorrect Authorization in calibreweb
Incorrect Authorization in calibreweb
calibreweb prior to version 0.6.16 contains an Incorrect Authorization vulnerability.
GHSA
Incorrect Authorization in calibreweb
ghsa·2022-01-31
CVE-2022-0273 [HIGH] CWE-284 Incorrect Authorization in calibreweb
Incorrect Authorization in calibreweb
calibreweb prior to version 0.6.16 contains an Incorrect Authorization vulnerability.
OSV
CVE-2022-0273: Improper Access Control in Pypi calibreweb prior to 0
osv·2022-01-30
CVE-2022-0273 CVE-2022-0273: Improper Access Control in Pypi calibreweb prior to 0
Improper Access Control in Pypi calibreweb prior to 0.6.16.
No detection rules found.
No public exploits indexed.
https://github.com/janeczku/calibre-web/commit/0c0313f375bed7b035c8c0482bbb09599e16bfcfhttps://huntr.dev/bounties/8f27686f-d698-4ab6-8ef0-899125792f13https://github.com/janeczku/calibre-web/commit/0c0313f375bed7b035c8c0482bbb09599e16bfcfhttps://huntr.dev/bounties/8f27686f-d698-4ab6-8ef0-899125792f13
2022-01-30
Published