Aggregates CVE and security vulnerability intelligence across all kavitareader-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk ssrf and related security problems, affecting vendor surface automated decompression, vendor surface archive handling, and vendor surface file processing scenarios.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2023-0919 | Missing Authentication for Critical Function in GitHub repository kareadita/kavita prior to 0.7.0. | [email protected] | 8.1 | 0.32% | 2023-02-19 | 2026-02-25 |
| CVE-2022-3993 | Improper Restriction of Excessive Authentication Attempts in GitHub repository kareadita/kavita prior to 0.6.0.3. | [email protected] | 9.4 | 1.50% | 2022-11-14 | 2024-11-21 |
| CVE-2022-3945 | Improper Restriction of Excessive Authentication Attempts in GitHub repository kareadita/kavita prior to 0.6.0.3. | [email protected] | 5.3 | 1.00% | 2022-11-11 | 2024-11-21 |
| CVE-2022-2756 | Server-Side Request Forgery (SSRF) in GitHub repository kareadita/kavita prior to 0.5.4.1. | [email protected] | 6.5 | 53.98% | 2022-08-10 | 2024-11-21 |