{"id":"PYSEC-2022-23","details":"Server-Side Request Forgery (SSRF) in Pypi calibreweb prior to 0.6.16.","aliases":["CVE-2022-0339","GHSA-4w8p-x6g8-fv64"],"modified":"2023-11-01T04:57:05.023178Z","published":"2022-01-30T14:15:00Z","references":[{"type":"FIX","url":"https://github.com/janeczku/calibre-web/commit/3b216bfa07ec7992eff03e55d61732af6df9bb92"},{"type":"WEB","url":"https://huntr.dev/bounties/499688c4-6ac4-4047-a868-7922c3eab369"},{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-4w8p-x6g8-fv64"}],"affected":[{"package":{"name":"calibreweb","ecosystem":"PyPI","purl":"pkg:pypi/calibreweb"},"ranges":[{"type":"GIT","repo":"https://github.com/janeczku/calibre-web","events":[{"introduced":"0"},{"fixed":"3b216bfa07ec7992eff03e55d61732af6df9bb92"}]},{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.6.16"}]}],"versions":["0.6.12","0.6.13","0.6.14","0.6.15"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/calibreweb/PYSEC-2022-23.yaml"}}],"schema_version":"1.7.3"}