| 제목 | crocodilestick Calibre-Web-Automated v1.0.0-v4.0.6 Denial of Service |
|---|
| 설명 | Calibre-Web-Automated (https://github.com/crocodilestick/Calibre-Web-Automated) suffers from a denial-of-service vulnerability. An unauthenticated remote attacker could use a GET /cwa-epub-fixer-start request to initiate a batch of EPUB fixes, rewriting and backing up library files in place. This fix reads and modifies all EPUB files in the library and creates backups, triggering a large number of CPU/disk operations and easily exhausting disk space. |
|---|
| 원천 | ⚠️ https://gist.github.com/menelausx/1b45c952d352a2ebdc01cd8d5aa88e87 |
|---|
| 사용자 | JasperX (UID 97281) |
|---|
| 제출 | 2026. 04. 16. PM 01:10 (2 개월 ago) |
|---|
| 모더레이션 | 2026. 05. 03. AM 09:59 (17 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 360890 [crocodilestick Calibre-Web-Automated 까지 4.0.6 Admin Endpoint cps/cwa_functions.py 약한 인증] |
|---|
| 포인트들 | 20 |
|---|