Server-Side Request Forgery (SSRF) in janeczku/calibre-web
Description
Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.17.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Server-Side Request Forgery (SSRF) in Calibre-Web's cover upload feature allows accessing localhost resources, fixed in 0.6.17.
Vulnerability
Calibre-Web versions prior to 0.6.17 contain a Server-Side Request Forgery (SSRF) vulnerability in the save_cover_from_url function, which handles cover image uploads from a user-provided URL [1][2]. The check meant to block localhost access only matched addresses starting with 127. or ::ffff:7f, or equal to ::1, and so missed other addresses that reach the local host, such as 0.0.0.0 and ::. In addition, the function fetched the URL with HTTP redirects enabled (requests' default allow_redirects=True), so an attacker could pass the check with an external URL that redirects to a localhost resource [3].
Exploitation
An attacker can exploit this vulnerability by submitting a malicious URL to the cover upload functionality that either points directly at an internal IP (e.g., 0.0.0.0) or at an external server that redirects to a localhost address [3]. No authentication is required if the cover upload endpoint is exposed to unauthenticated users; otherwise, any authenticated user with cover upload permissions can trigger the SSRF [4].
Impact
Successful exploitation allows an attacker to make the Calibre-Web server send HTTP requests to internal network resources, including services running on localhost. This can lead to information disclosure, access to internal APIs, or further attacks against other internal systems. The SSRF enables access to resources that are otherwise unreachable from the external network [4].
Mitigation
The vulnerability is fixed in commit 965352c [3], which adds checks for 0.0.0.0 and :: to the localhost test and stops following redirects by passing allow_redirects=False to requests.get. The fix is included in Calibre-Web version 0.6.17 [2]. Users should upgrade to 0.6.17 or later. No workarounds are available, and this vulnerability is not listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
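As an added example (not Calibre-Web's own code), a hardened form of the hostname check described above: it resolves every address for the host and classifies each with the ipaddress module instead of prefix-matching the textual form, so 0.0.0.0, ::, and IPv4-mapped loopback spellings are all caught. The resolver table and the example.test hostnames are constructed so it runs without DNS; the request itself must still be made with allow_redirects=False, as in the fix.

```python
import ipaddress
import socket
from urllib.parse import urlparse

def legacy_localhost_check(ip):
    """The textual prefix test as patched in 965352c: blocks only the spellings listed."""
    return ip.startswith("127.") or ip.startswith("::ffff:7f") or ip in ("::1", "0.0.0.0", "::")

def is_local_address(ip_text):
    """Classify one resolved address: loopback, unspecified or link-local, in either family."""
    ip = ipaddress.ip_address(ip_text.split("%")[0])  # drop an IPv6 zone id such as %eth0
    # Unwrap IPv4-mapped IPv6; getaddrinfo renders it dotted (::ffff:127.0.0.1), not ::ffff:7f00:1
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return ip.is_loopback or ip.is_unspecified or ip.is_link_local

def resolve_all(hostname):
    """Every address the system resolver returns, not only the first getaddrinfo entry."""
    try:
        return [info[4][0] for info in socket.getaddrinfo(hostname, 0, proto=socket.IPPROTO_TCP)]
    except socket.gaierror:
        return []

def cover_url_blocked(url, resolver=resolve_all):
    """Return (blocked, reason); one local address among the results is enough to reject."""
    parsed = urlparse(url)
    if parsed.scheme not in ("http", "https") or not parsed.hostname:
        return True, "only http(s) URLs with a hostname are accepted"
    addrs = resolver(parsed.hostname)
    if not addrs:
        return True, "hostname did not resolve"
    for addr in addrs:
        if is_local_address(addr):
            return True, f"{parsed.hostname} resolves to local address {addr}"
    return False, ""

# Constructed resolver table with hypothetical hostnames so the example runs without DNS.
FAKE_DNS = {
    "covers.example.test": ["203.0.113.10"],
    "dual.example.test": ["203.0.113.10", "127.0.0.1"],  # loopback only in the second record
    "mapped.example.test": ["::ffff:127.0.0.1"],          # dotted IPv4-mapped spelling
    "any.example.test": ["0.0.0.0"],
    "v6any.example.test": ["::"],
}

def fake_resolver(hostname):
    return FAKE_DNS.get(hostname, [])
```

Pass fake_resolver to cover_url_blocked to exercise the table; in production the default resolve_all is used, and the validated address list, not a second lookup, should decide the connection.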
AI Insight generated on May 21, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| calibreweb (PyPI) | < 0.6.17 | 0.6.17 |
Affected products
- janeczku/calibre-web (range: unspecified)
Patches
- 965352c8d96c: Don't allow redirects on cover uploads, catch more addresses which resolve to localhost
1 file changed · +2 −2
cps/helper.py+2 −2 modified@@ -734,10 +734,10 @@ def save_cover_from_url(url, book_path): if not cli.allow_localhost: # 127.0.x.x, localhost, [::1], [::ffff:7f00:1] ip = socket.getaddrinfo(urlparse(url).hostname, 0)[0][4][0] - if ip.startswith("127.") or ip.startswith('::ffff:7f') or ip == "::1": + if ip.startswith("127.") or ip.startswith('::ffff:7f') or ip == "::1" or ip == "0.0.0.0" or ip == "::": log.error("Localhost was accessed for cover upload") return False, _("You are not allowed to access localhost for cover uploads") - img = requests.get(url, timeout=(10, 200)) # ToDo: Error Handling + img = requests.get(url, timeout=(10, 200), allow_redirects=False) # ToDo: Error Handling img.raise_for_status() return save_cover(img, book_path) except (socket.gaierror,
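Review bot: the added `ip == "0.0.0.0" or ip == "::"` comparisons still test the address as text, and `socket.getaddrinfo(urlparse(url).hostname, 0)[0][4][0]` on the line above inspects only the first result, so a hostname with several records whose loopback entry is not first passes, and an IPv4-mapped loopback that getaddrinfo renders as `::ffff:127.0.0.1` is not matched by `startswith('::ffff:7f')`. Suggest iterating over every getaddrinfo entry and classifying each with `ipaddress.ip_address(ip)` (`is_loopback`, `is_unspecified`), which normalises these spellings. Also, now that `requests.get` is called with `allow_redirects=False`, a 3xx answer is not raised by `img.raise_for_status()` (it only covers 4xx/5xx), so the redirect response would flow into `save_cover(img, book_path)`; reject `img.is_redirect` explicitly, which also addresses the `# ToDo: Error Handling` comment. Finally, the hostname is resolved here and again inside requests, so the two lookups can disagree; connecting to the address that was validated, rather than the hostname, closes that gap.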
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
1. github.com/advisories/GHSA-h65g-jfqg-2w6m (GitHub Security Advisory)
2. nvd.nist.gov/vuln/detail/CVE-2022-0767 (NVD advisory)
3. github.com/janeczku/calibre-web/commit/965352c8d96c9eae7a6867ff76b0db137d04b0b8 (fix commit)
4. huntr.dev/bounties/b26fc127-9b6a-4be7-a455-58aefbb62d9e (huntr report)