Filtered by vendor Audiobookshelf Subscriptions
Filtered by product Audiobookshelf Subscriptions
Total 5 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-51697 1 Audiobookshelf 1 Audiobookshelf 2024-11-21 4.3 Medium
Audiobookshelf is a self-hosted audiobook and podcast server. Prior to 2.7.0, Audiobookshelf is vulnerable to unauthenticated blind server-side request (SSRF) vulnerability in `podcastUtils.js`. This vulnerability has been addressed in version 2.7.0. There are no known workarounds for this vulnerability.
CVE-2023-51665 1 Audiobookshelf 1 Audiobookshelf 2024-11-21 4.3 Medium
Audiobookshelf is a self-hosted audiobook and podcast server. Prior to 2.7.0, Audiobookshelf is vulnerable to unauthenticated blind server-side request (SSRF) vulnerability in Auth.js. This vulnerability has been addressed in version 2.7.0. There are no known workarounds for this vulnerability.
CVE-2023-47624 1 Audiobookshelf 1 Audiobookshelf 2024-11-21 7.5 High
Audiobookshelf is a self-hosted audiobook and podcast server. In versions 2.4.3 and prior, any user (regardless of their permissions) may be able to read files from the local file system due to a path traversal in the `/hls` endpoint. This issue may lead to Information Disclosure. As of time of publication, no patches are available.
CVE-2023-47619 1 Audiobookshelf 1 Audiobookshelf 2024-11-21 8.1 High
Audiobookshelf is a self-hosted audiobook and podcast server. In versions 2.4.3 and prior, users with the update permission are able to read arbitrary files, delete arbitrary files and send a GET request to arbitrary URLs and read the response. This issue may lead to Information Disclosure. As of time of publication, no patches are available.
CVE-2024-43797 2 Advplyr, Audiobookshelf 2 Audiobookshelf, Audiobookshelf 2024-09-13 6.3 Medium
audiobookshelf is a self-hosted audiobook and podcast server. A non-admin user is not allowed to create libraries (or access only the ones they have permission to). However, the `LibraryController` is missing the check for admin user and thus allows a path traversal issue. Allowing non-admin users to write to any directory in the system can be seen as a form of path traversal. However, since it can be restricted to only admin permissions, fixing this is relatively simple and falls more into the realm of Role-Based Access Control (RBAC). This issue has been addressed in release version 2.13.0. All users are advised to upgrade. There are no known workarounds for this vulnerability.