pkg:Debian/calibre

All known vulnerabilities

• CRITICAL9.8CVE-2024-6782Improper access control in Calibre 6.9.0 ~ 7.14.0 allow unauthenticated attackers to achieve remote code execution.
  from 0, < 6.13.0+repack-2+deb12u4
• CRITICAL9.8CVE-2011-4125A untrusted search path issue was found in Calibre at devices/linux_mount_helper.c leading to the ability of unprivileged users to execute…
  from 0, < 1.5.0+dfsg-1
• CRITICAL9.8CVE-2011-4124Input validation issues were found in Calibre at devices/linux_mount_helper.c which can lead to argument injection and elevation of privile…
  from 0, < 1.5.0+dfsg-1
• HIGH8.8CVE-2026-26065calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books.
  from 0, < 5.12.0+dfsg-1+deb11u4
• HIGH8.8CVE-2026-26064calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books.
  from 0, < 5.12.0+dfsg-1+deb11u4
• HIGH8.6CVE-2026-25635calibre is an e-book manager.
  from 0, < 5.12.0+dfsg-1+deb11u4
• HIGH8.2CVE-2026-30853calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books.
  from 0
• HIGH8.1CVE-2011-4126Race condition issues were found in Calibre at devices/linux_mount_helper.c allowing unprivileged users the ability to mount any device to…
  from 0, < 1.5.0+dfsg-1
• HIGH7.8CVE-2026-25731calibre is an e-book manager.
  from 0
• HIGH7.8CVE-2026-25636calibre is an e-book manager.
  from 0, < 5.12.0+dfsg-1+deb11u4
• HIGH7.8CVE-2018-7889gui2/viewer/bookmarkmanager.py in Calibre 3.18 calls cPickle.load on imported bookmark data, which allows remote attackers to execute arbit…
  from 0, < 3.19.0+dfsg-1
• HIGH7.5CVE-2024-6781Path traversal in Calibre <= 7.14.0 allow unauthenticated attackers to achieve arbitrary file read.
  from 0, < 7.16.0+ds-1
• HIGH7.5CVE-2023-46303link_to_local_path in ebooks/conversion/plugins/html_input.py in calibre before 6.19.0 can, by default, add resources outside of the docume…
  from 0, < 5.12.0+dfsg-1+deb11u3
• HIGH7.5CVE-2021-44686calibre - security update
  from 0, < 5.12.0+dfsg-1+deb11u3
• HIGH7.5CVE-2021-44686calibre - security update
  from 0, < 5.12.0+dfsg-1+deb11u3
• HIGH7.1CVE-2024-7009Unsanitized user-input in Calibre <= 7.15.0 allow users with permissions to perform full-text searches to achieve SQL injection on the SQLi…
  from 0, < 5.12.0+dfsg-1+deb11u2
• MEDIUM6.4CVE-2026-27810calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books.
  from 0
• MEDIUM6.3CVE-2026-33206calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books.
  from 0
• MEDIUM6.1CVE-2024-7008Unsanitized user-input in Calibre <= 7.15.0 allow attackers to perform reflected cross-site scripting.
  from 0, < 5.12.0+dfsg-1+deb11u2
• MEDIUM5.5CVE-2026-33205calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books.
  from 0
• MEDIUM5.5CVE-2016-10187calibre - security update
  from 0, < 0.8.51+dfsg1-0.1+deb7u1
• MEDIUM5.5CVE-2016-10187calibre - security update
  from 0, < 2.75.1+dfsg-1
• MEDIUM5.3CVE-2026-27824calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books.
  from 0
• —CVE-2025-64486calibre is an e-book manager.
  from 0, < 5.12.0+dfsg-1+deb11u4
• —CVE-2010-1028Integer overflow in the decompression functionality in the Web Open Fonts Format (WOFF) decoder in Mozilla Firefox 3.6 before 3.6.2 and 3.7…
  from 0, < 2.38.0+dfsg-1