CVE-2022-4803

CVSS V2 None CVSS V3 None
Description
Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1.
Overview
  • CVE ID
  • CVE-2022-4803
  • Assigner
  • security@huntr.dev
  • Vulnerability Status
  • Modified
  • Published Version
  • 2022-12-28T14:15:10
  • Last Modified Date
  • 2023-03-02T02:15:40
Weakness Enumerations
CWE URL
CWE-639 http://cwe.mitre.org/data/definitions/639.html
CWE-284 http://cwe.mitre.org/data/definitions/284.html
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:usememos:memos:*:*:*:*:*:*:*:* 1 OR 0.9.1
References
Reference URL Reference Tags
https://github.com/usememos/memos/commit/3556ae4e651d9443dc3bb8a170dd3cc726517a53
https://huntr.dev/bounties/0fba72b9-db10-4d9f-a707-2acf2004a286
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2022-4803
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4803
History
Created Old Value New Value Data Type Notes
2022-12-28 15:14:54 Added to TrackCVE
2022-12-28 15:14:56 Weakness Enumeration new
2022-12-31 04:17:36 Awaiting Analysis Undergoing Analysis Vulnerability Status updated
2022-12-31 04:17:39 CVSS V3 information new
2023-01-05 22:19:05 2023-01-05T22:13:16 CVE Modified Date updated
2023-01-05 22:19:05 Undergoing Analysis Analyzed Vulnerability Status updated
2023-01-05 22:19:09 Weakness Enumeration update
2023-01-05 22:19:11 CPE Information updated
2023-01-05 22:19:11 CVSS V3 information new
2023-03-02 03:17:29 2023-03-02T02:15:40 CVE Modified Date updated
2023-03-02 03:17:29 Analyzed Modified Vulnerability Status updated
2023-03-02 03:17:30 Improper Access Control in GitHub repository usememos/memos prior to 0.9.1. Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1. Description updated
2023-03-02 03:17:30 CVSS V3 information new