CVE-2022-0990

Name of the Vulnerable Software and Affected Versions calibre-web versions prior to 0.6.18

Description The issue is related to Server-Side Request Forgery (SSRF) in the GitHub repository janeczku/calibre-web. SSRF is a type of attack where an attacker can trick a server into making requests to internal or external resources, potentially leading to unauthorized access or data leakage. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited.

Recommendations For versions prior to 0.6.18, update to version 0.6.18 or later to resolve the issue. As a temporary workaround, consider restricting access to internal resources to minimize the risk of exploitation.