Vulnerabilities > Calibre WEB Project > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-04-04 CVE-2022-0990 Server-Side Request Forgery (SSRF) vulnerability in Calibre-Web Project Calibre-Web
Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.18.
network
low complexity
calibre-web-project CWE-918
6.4
2022-04-03 CVE-2022-0405 Improper Access Control vulnerability in Calibre-Web Project Calibre-Web
Improper Access Control in GitHub repository janeczku/calibre-web prior to 0.6.16.
network
low complexity
calibre-web-project CWE-284
4.0
2022-04-03 CVE-2022-0406 Incorrect Authorization vulnerability in Calibre-Web Project Calibre-Web
Improper Authorization in GitHub repository janeczku/calibre-web prior to 0.6.16.
network
low complexity
calibre-web-project CWE-863
4.0
2022-01-30 CVE-2022-0273 Improper Access Control vulnerability in Calibre-Web Project Calibre-Web
Improper Access Control in Pypi calibreweb prior to 0.6.16.
network
low complexity
calibre-web-project CWE-284
4.0
2022-01-28 CVE-2022-0352 Cross-site Scripting vulnerability in Calibre-Web Project Calibre-Web
Cross-site Scripting (XSS) - Reflected in Pypi calibreweb prior to 0.6.16.
4.3
2022-01-17 CVE-2021-4164 Cross-Site Request Forgery (CSRF) vulnerability in Calibre-Web Project Calibre-Web
calibre-web is vulnerable to Cross-Site Request Forgery (CSRF)
6.8
2021-11-16 CVE-2021-25965 Cross-Site Request Forgery (CSRF) vulnerability in Calibre-Web Project Calibre-Web
In Calibre-web, versions 0.6.0 to 0.6.13 are vulnerable to Cross-Site Request Forgery (CSRF).
6.8