Note: This project will be discontinued after December 13, 2021.
Product: Calibre-Web (Janeczku)

Repositories | Unknown: This might be proprietary software. |
#Vulnerabilities | 21 |

Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2023-04-15 | CVE-2022-2525 | Improper Restriction of Excessive Authentication Attempts in GitHub repository janeczku/calibre-web prior to 0.6.20. | Calibre-Web | 9.8 | | |
2023-04-15 | CVE-2023-2106 | Weak Password Requirements in GitHub repository janeczku/calibre-web prior to 0.6.20. | Calibre-Web | 9.8 | | |
2021-10-04 | CVE-2021-25964 | In “Calibre-web” application, v0.6.0 to v0.6.12, are vulnerable to Stored XSS in “Metadata”. An attacker that has access to edit the metadata information, can inject JavaScript payload in the description field. When a victim tries to open the file, XSS will be triggered. | Calibre-Web | 5.4 | | |
2021-11-16 | CVE-2021-25965 | In Calibre-web, versions 0.6.0 to 0.6.13 are vulnerable to Cross-Site Request Forgery (CSRF). By luring an authenticated user to click on a link, an attacker can create a new user role with admin privileges and attacker-controlled credentials, allowing them to take over the application. | Calibre-Web | 8.8 | | |
2022-01-16 | CVE-2021-4170 | calibre-web is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | Calibre-Web | 5.4 | | |
2022-01-17 | CVE-2021-4171 | calibre-web is vulnerable to Business Logic Errors | Calibre-Web | 9.8 | | |
2022-01-17 | CVE-2021-4164 | calibre-web is vulnerable to Cross-Site Request Forgery (CSRF) | Calibre-Web | 8.8 | | |
2022-01-28 | CVE-2022-0352 | Cross-site Scripting (XSS) - Reflected in Pypi calibreweb prior to 0.6.16. | Calibre-Web | 6.1 | | |
2022-01-30 | CVE-2022-0339 | Server-Side Request Forgery (SSRF) in Pypi calibreweb prior to 0.6.16. | Calibre-Web | 9.8 | | |
2022-01-30 | CVE-2022-0273 | Improper Access Control in Pypi calibreweb prior to 0.6.16. | Calibre-Web | 6.5 | | |