CVE-2022-2756

HIGH

Published 2022-08-10T15:15:15

Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2022-2756. We'll provide specific mitigation strategies based on your environment and risk profile.

CVSS Score

V3.0

7.1

/10

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

Base Score Metrics

Exploitability: N/A Impact: N/A

EPSS Score

v2025.03.14

0.713

probability

of exploitation in the wild

There is a 71.3% chance that this vulnerability will be exploited in the wild within the next 30 days.

Updated: 2025-06-25

Exploit Probability

Percentile: 0.986

Higher than 98.6% of all CVEs

Attack Vector Metrics

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Impact Metrics

Confidentiality

HIGH

Integrity

LOW

Availability

NONE

Description

Server-Side Request Forgery (SSRF) in GitHub repository kareadita/kavita prior to 0.5.4.1.

Available Exploits

Kavita <0.5.4.1 - Server-Side Request Forgery

Kavita before 0.5.4.1 is susceptible to server-side request forgery in GitHub repository kareadita/kavita. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.

ID: CVE-2022-2756

Author: theamanrawat Medium

References:

Related News

No news articles found for this CVE.

Affected Products

kareadita

kareadita/kavita

Affected Versions:

unspecified

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed MODERATE

GHSA-v6vr-jvvr-p4m5

Advisory Details

Server-Side Request Forgery (SSRF) in GitHub repository kareadita/kavita prior to 0.5.4.1.

CVSS Scoring

CVSS Score

5.0

CVSS Vector


                                    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2022-2756

WEB https://github.com/kareadita/kavita/commit/9c31f7e7c81b919923cb2e3857439ec0d16243e4

WEB https://huntr.dev/bounties/95e7c181-9d80-4428-aebf-687ac55a9216

Advisory provided by GitHub Security Advisory Database. Published: August 11, 2022, Modified: August 13, 2022

References

https://huntr.dev/bounties/95e7c181-9d80-4428-aebf-687ac55a9216

https://github.com/kareadita/kavita/commit/9c31f7e7c81b919923cb2e3857439ec0d16243e4

Published: 2022-08-10T15:15:15

Last Modified: 2024-08-03T00:46:04.503Z

Copied to clipboard!

CVE-2022-2756

Expert Analysis

CVSS Score

EPSS Score

Attack Vector Metrics

Impact Metrics

Description

Available Exploits

Kavita <0.5.4.1 - Server-Side Request Forgery

References:

Related News

Affected Products

kareadita/kavita

Affected Versions:

GitHub Security Advisories

Advisory Details

CVSS Scoring

CVSS Score

CVSS Vector

References

References

Request Analysis

What to expect

Request Received!