Calibre@* Security Vulnerabilities and Issues — Calibre@* CVE List

Lucene search

Calibre-ebookCalibre*

6 matches found

CVE•added 2023/10/22 6:15 p.m.•80 views

CVE-2023-46303

link_to_local_path in ebooks/conversion/plugins/html_input.py in calibre before 6.19.0 can, by default, add resources outside of the document root.

7.5CVSS7.5AI score0.00533EPSS

CVE•added 2021/12/07 12:15 a.m.•66 views

CVE-2021-44686

calibre before 5.32.0 contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service) in html_preprocess_rules in ebooks/conversion/preprocess.py.

7.5CVSS7.3AI score0.00884EPSS

CVE•added 2024/08/06 4:16 a.m.•62 views

CVE-2024-7008

Unsanitized user-input in Calibre

6.1CVSS5.3AI score0.0228EPSS

CVE•added 2017/03/16 3:59 p.m.•55 views

CVE-2016-10187

The E-book viewer in calibre before 2.75 allows remote attackers to read arbitrary files via a crafted epub file with JavaScript.

5.5CVSS5.2AI score0.00338EPSS

CVE•added 2024/08/06 4:16 a.m.•43 views

CVE-2024-6781

Path traversal in Calibre

7.5CVSS7.7AI score0.93624EPSS

CVE•added 2024/08/06 4:16 a.m.•27 views

CVE-2024-7009

Unsanitized user-input in Calibre

7.1CVSS5.2AI score0.00259EPSS