What the vulnerability does
01Description
Improper Restriction of Excessive Authentication Attempts in GitHub repository janeczku/calibre-web prior to 0.6.20.
CVE-2022-2525
HIGH
CVE-2022-2525: Improper Restriction of Excessive Authentication Attempts in janeczku/calibre-web
CVSS base score
7.3/10
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Key dates
02Disclosure timeline
April 15, 2023
CVE published
February 6, 2025
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2025-62257
CVE-2026-31904 CTEK Chargeportal Improper Restriction of Excessive Authentication Attempts
CVE-2023-0860 Improper Restriction of Excessive Authentication Attempts in modoboa/modoboa-installer
CVE-2024-21652 Argo CD vulnerable to Bypassing of Brute Force Protection via Application Crash and In-Memory Data Loss
CVE-2025-49195 No protection against brute-force attacks
