What the vulnerability does
01Description
Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.17.
CVE-2022-0767
CRITICAL
CVE-2022-0767: Server-Side Request Forgery (SSRF) in janeczku/calibre-web
CVSS base score
9.1/10
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:H
Key dates
02Disclosure timeline
March 7, 2022
CVE published
August 2, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2026-6497 prasathmani TinyFileManager File Upload filemanager.php server-side request forgery
CVE-2023-41054 LibreY Server-Side Request Forgery (SSRF) vulnerability in image_proxy.php
CVE-2026-3286 itwanger paicoding Image Save Endpoint ImageRestController.java save server-side request forgery
CVE-2025-34233 Vasion Print (formerly PrinterLogic) Insecure Use of file_get_contents()
CVE-2023-6388 Suite CRM v7.14.2 - SSRF
