CVE-2022-2525
published 2023-04-15CVE-2022-2525: Improper Restriction of Excessive Authentication Attempts in GitHub repository janeczku/calibre-web prior to 0.6.20.
PriorityP345critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
0.76%
50.7th percentile
Improper Restriction of Excessive Authentication Attempts in GitHub repository janeczku/calibre-web prior to 0.6.20.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| calibreweb | calibreweb | >= 0 < 0.6.20 | 0.6.20 |
| janeczku | calibre-web | < 0.6.20 | 0.6.20 |
| janeczku | janeczku_calibre-web | >= unspecified < 0.6.20 | 0.6.20 |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv3.07.3HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
Improper Restriction of Excessive Authentication Attempts in calibreweb
osv·2023-04-15
CVE-2022-2525 [MEDIUM] Improper Restriction of Excessive Authentication Attempts in calibreweb
Improper Restriction of Excessive Authentication Attempts in calibreweb
Improper Restriction of Excessive Authentication Attempts in GitHub repository janeczku/calibre-web prior to 0.6.20.
GHSA
Improper Restriction of Excessive Authentication Attempts in calibreweb
ghsa·2023-04-15
CVE-2022-2525 [MEDIUM] CWE-307 Improper Restriction of Excessive Authentication Attempts in calibreweb
Improper Restriction of Excessive Authentication Attempts in calibreweb
Improper Restriction of Excessive Authentication Attempts in GitHub repository janeczku/calibre-web prior to 0.6.20.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://github.com/janeczku/calibre-web/commit/49e4f540c9b204c7e39b3c27ceadecd83ed60e7ehttps://huntr.dev/bounties/9ff87820-c14c-4454-9764-406496254ef0https://github.com/janeczku/calibre-web/commit/49e4f540c9b204c7e39b3c27ceadecd83ed60e7ehttps://huntr.dev/bounties/9ff87820-c14c-4454-9764-406496254ef0
2023-04-15
Published