exploitDog

CVE-2022-3993

Опубликовано: 14 нояб. 2022

Источник: nvd

CVSS3: 9.4

CVSS3: 9.8

EPSS Низкий

Описание

Improper Restriction of Excessive Authentication Attempts in GitHub repository kareadita/kavita prior to 0.6.0.3.

Ссылки

https://github.com/kareadita/kavita/commit/f8db37d3f9aa42d47e7c4f4ca839e892d3f97afb
Patch
Third Party Advisory
https://huntr.dev/bounties/bebd0cd6-18ec-469c-b6ca-19ffa9db0699
Exploit
Patch
Third Party Advisory
https://github.com/kareadita/kavita/commit/f8db37d3f9aa42d47e7c4f4ca839e892d3f97afb
Patch
Third Party Advisory
https://huntr.dev/bounties/bebd0cd6-18ec-469c-b6ca-19ffa9db0699
Exploit
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:kavitareader:kavita:*:*:*:*:*:*:*:*

Версия до 0.6.0.3 (исключая)

EPSS

Процентиль: 78%

0.01093

Низкий

9.4 Critical

CVSS3

9.8 Critical

CVSS3

Дефекты

CWE-307

CWE-307

Связанные уязвимости

GHSA-9wc2-mv76-38jp

CVSS3: 9.8

github

около 3 лет назад

Authentication Bypass by Primary Weakness in GitHub repository kareadita/kavita prior to 0.6.0.3.

EPSS

Процентиль: 78%

0.01093

Низкий

9.4 Critical

CVSS3

9.8 Critical

CVSS3

Дефекты

CWE-307

CWE-307

Уязвимость CVE-2022-3993