Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/calibre@6.13.0%2Brepack-2%2Bdeb12u5?distro=trixie
Typedeb
Namespacedebian
Namecalibre
Version6.13.0+repack-2+deb12u5
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version6.19.1-1
Latest_non_vulnerable_version9.9.0+ds+~0.10.6-1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-shma-cn17-87ft
vulnerability_id VCID-shma-cn17-87ft
summary calibre is an e-book manager. In versions 8.13.0 and prior, calibre does not validate filenames when handling binary assets in FB2 files, allowing an attacker to write arbitrary files on the filesystem when viewing or converting a malicious FictionBook file. This can be leveraged to achieve arbitrary code execution. This issue is fixed in version 8.14.0.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-64486
reference_id
reference_type
scores
0
value 0.00042
scoring_system epss
scoring_elements 0.13314
published_at 2026-06-05T12:55:00Z
1
value 0.00042
scoring_system epss
scoring_elements 0.13277
published_at 2026-06-07T12:55:00Z
2
value 0.00042
scoring_system epss
scoring_elements 0.13318
published_at 2026-06-06T12:55:00Z
3
value 0.00051
scoring_system epss
scoring_elements 0.16137
published_at 2026-06-09T12:55:00Z
4
value 0.00051
scoring_system epss
scoring_elements 0.16113
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-64486
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64486
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64486
2
reference_url https://github.com/kovidgoyal/calibre/commit/6f94bce214bf7d43c829804db3741afa5e83c0c5
reference_id 6f94bce214bf7d43c829804db3741afa5e83c0c5
reference_type
scores
0
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-13T21:34:15Z/
url https://github.com/kovidgoyal/calibre/commit/6f94bce214bf7d43c829804db3741afa5e83c0c5
3
reference_url https://github.com/kovidgoyal/calibre/security/advisories/GHSA-hpwq-c98h-xp8g
reference_id GHSA-hpwq-c98h-xp8g
reference_type
scores
0
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-13T21:34:15Z/
url https://github.com/kovidgoyal/calibre/security/advisories/GHSA-hpwq-c98h-xp8g
fixed_packages
0
url pkg:deb/debian/calibre@5.12.0%2Bdfsg-1%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/calibre@5.12.0%2Bdfsg-1%2Bdeb11u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3fbg-gtyc-b7at
1
vulnerability VCID-55a5-1xc3-bqbq
2
vulnerability VCID-75te-3k74-1ygq
3
vulnerability VCID-jxve-5vv8-8ycp
4
vulnerability VCID-t1sy-hpuu-ykcr
5
vulnerability VCID-urhw-ezc2-hkb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/calibre@5.12.0%252Bdfsg-1%252Bdeb11u2%3Fdistro=trixie
1
url pkg:deb/debian/calibre@5.12.0%2Bdfsg-1%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/calibre@5.12.0%2Bdfsg-1%2Bdeb11u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/calibre@5.12.0%252Bdfsg-1%252Bdeb11u4%3Fdistro=trixie
2
url pkg:deb/debian/calibre@6.13.0%2Brepack-2%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/calibre@6.13.0%2Brepack-2%2Bdeb12u5?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/calibre@6.13.0%252Brepack-2%252Bdeb12u5%3Fdistro=trixie
3
url pkg:deb/debian/calibre@6.13.0%2Brepack-2%2Bdeb12u6?distro=trixie
purl pkg:deb/debian/calibre@6.13.0%2Brepack-2%2Bdeb12u6?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3fbg-gtyc-b7at
1
vulnerability VCID-t1sy-hpuu-ykcr
2
vulnerability VCID-urhw-ezc2-hkb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/calibre@6.13.0%252Brepack-2%252Bdeb12u6%3Fdistro=trixie
4
url pkg:deb/debian/calibre@8.5.0%2Bds-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/calibre@8.5.0%2Bds-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/calibre@8.5.0%252Bds-1%252Bdeb13u1%3Fdistro=trixie
5
url pkg:deb/debian/calibre@8.5.0%2Bds-1%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/calibre@8.5.0%2Bds-1%2Bdeb13u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3fbg-gtyc-b7at
1
vulnerability VCID-t1sy-hpuu-ykcr
2
vulnerability VCID-urhw-ezc2-hkb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/calibre@8.5.0%252Bds-1%252Bdeb13u2%3Fdistro=trixie
6
url pkg:deb/debian/calibre@8.14.0%2Bds%2B~0.10.5-1?distro=trixie
purl pkg:deb/debian/calibre@8.14.0%2Bds%2B~0.10.5-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/calibre@8.14.0%252Bds%252B~0.10.5-1%3Fdistro=trixie
7
url pkg:deb/debian/calibre@9.8.0%2Bds%2B~0.10.6-2?distro=trixie
purl pkg:deb/debian/calibre@9.8.0%2Bds%2B~0.10.6-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/calibre@9.8.0%252Bds%252B~0.10.6-2%3Fdistro=trixie
8
url pkg:deb/debian/calibre@9.9.0%2Bds%2B~0.10.6-1?distro=trixie
purl pkg:deb/debian/calibre@9.9.0%2Bds%2B~0.10.6-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/calibre@9.9.0%252Bds%252B~0.10.6-1%3Fdistro=trixie
aliases CVE-2025-64486
risk_score 4.2
exploitability 0.5
weighted_severity 8.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-shma-cn17-87ft
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/calibre@6.13.0%252Brepack-2%252Bdeb12u5%3Fdistro=trixie