What is CVE-2022-4848?

CVE-2022-4848 is a high-severity vulnerability in Usememos Usememos/memos, classified under Improper Verification of Source of a Communication Channel. CVSS score: 8.6/10. Published 2022-12-29.

How severe is CVE-2022-4848?

High severity. CVSS v3 base score is 8.6 out of 10.

Vulnerability in Usememos Usememos/memos

CVE-2022-4848

Improper Verification of Source of a Communication Channel in GitHub repository usememos/memos prior to 0.9.1.

EPSS: 0.002 (39.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.6 (High). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L.

Affected products

Usememos Usememos/memos — versions unspecified

Weakness classification (CWE)

CWE-940 — Improper Verification of Source of a Communication Channel

References

github.com/usememos/memos/commit/c9bb2b785dc5852655405d5c9ab127a2d5aa3948
huntr.dev/bounties/25de88cc-8d0d-41a1-b069-9ef1327770bc

Frequently asked questions

What is CVE-2022-4848?: CVE-2022-4848 is a high-severity vulnerability in Usememos Usememos/memos, classified under Improper Verification of Source of a Communication Channel. CVSS score: 8.6/10. Published 2022-12-29.
How severe is CVE-2022-4848?: High severity. CVSS v3 base score is 8.6 out of 10.