CVE-2022-2525: Improper Restriction of Excessive Authentication Attempts

April 15, 2023 (updated April 24, 2023)

Improper Restriction of Excessive Authentication Attempts in GitHub repository janeczku/calibre-web prior to 0.6.20.

References

github.com/advisories/GHSA-jg8w-wgx2-g7q4
github.com/janeczku/calibre-web/commit/49e4f540c9b204c7e39b3c27ceadecd83ed60e7e
huntr.dev/bounties/9ff87820-c14c-4454-9764-406496254ef0
nvd.nist.gov/vuln/detail/CVE-2022-2525

Code Behaviors & Features

Detect and mitigate CVE-2022-2525 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →