Vulnerabilities > Calibre WEB Project > Calibre WEB

DATE CVE VULNERABILITY TITLE RISK
2023-04-15 CVE-2023-2106 Weak Password Requirements vulnerability in Calibre-Web Project Calibre-Web
Weak Password Requirements in GitHub repository janeczku/calibre-web prior to 0.6.20.
network
low complexity
calibre-web-project CWE-521
critical
9.8
2023-04-15 CVE-2022-2525 Improper Restriction of Excessive Authentication Attempts vulnerability in Calibre-Web Project Calibre-Web
Improper Restriction of Excessive Authentication Attempts in GitHub repository janeczku/calibre-web prior to 0.6.20.
network
low complexity
calibre-web-project CWE-307
critical
9.8
2022-05-16 CVE-2022-30765 SQL Injection vulnerability in Calibre-Web Project Calibre-Web 0.6.18
Calibre-Web before 0.6.18 allows user table SQL Injection.
network
low complexity
calibre-web-project CWE-89
7.5
2022-04-04 CVE-2022-0990 Server-Side Request Forgery (SSRF) vulnerability in Calibre-Web Project Calibre-Web
Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.18.
network
low complexity
calibre-web-project CWE-918
6.4
2022-04-04 CVE-2022-0939 Server-Side Request Forgery (SSRF) vulnerability in Calibre-Web Project Calibre-Web
Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.18.
network
low complexity
calibre-web-project CWE-918
7.5
2022-04-03 CVE-2022-0405 Improper Access Control vulnerability in Calibre-Web Project Calibre-Web
Improper Access Control in GitHub repository janeczku/calibre-web prior to 0.6.16.
network
low complexity
calibre-web-project CWE-284
4.0
2022-04-03 CVE-2022-0406 Incorrect Authorization vulnerability in Calibre-Web Project Calibre-Web
Improper Authorization in GitHub repository janeczku/calibre-web prior to 0.6.16.
network
low complexity
calibre-web-project CWE-863
4.0
2022-03-07 CVE-2022-0766 Server-Side Request Forgery (SSRF) vulnerability in Calibre-Web Project Calibre-Web
Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.17.
network
low complexity
calibre-web-project CWE-918
7.5
2022-03-07 CVE-2022-0767 Server-Side Request Forgery (SSRF) vulnerability in Calibre-Web Project Calibre-Web
Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.17.
network
low complexity
calibre-web-project CWE-918
7.5
2022-01-30 CVE-2022-0273 Improper Access Control vulnerability in Calibre-Web Project Calibre-Web
Improper Access Control in Pypi calibreweb prior to 0.6.16.
network
low complexity
calibre-web-project CWE-284
4.0