Search for packages
Package details: pkg:deb/debian/calibre@0.7.7%2Bdfsg-1squeeze1
purl pkg:deb/debian/calibre@0.7.7%2Bdfsg-1squeeze1
Next non-vulnerable version 5.44.0+dfsg-1~bpo11+2
Latest non-vulnerable version 5.44.0+dfsg-1~bpo11+2
Risk 10.0
Vulnerabilities affecting this package (10)
Vulnerability Summary Fixed by
VCID-1ze9-599r-aaam
Aliases:
CVE-2023-46303
link_to_local_path in ebooks/conversion/plugins/html_input.py in calibre before 6.19.0 can, by default, add resources outside of the document root.
5.12.0+dfsg-1+deb11u2
Affected by 2 other vulnerabilities.
5.44.0+dfsg-1~bpo11+2
Affected by 0 other vulnerabilities.
VCID-4atp-nc7m-aaan
Aliases:
CVE-2024-7009
Unsanitized user-input in Calibre <= 7.15.0 allow users with permissions to perform full-text searches to achieve SQL injection on the SQLite database.
5.12.0+dfsg-1+deb11u2
Affected by 2 other vulnerabilities.
VCID-56d5-5e4d-aaah
Aliases:
CVE-2011-4126
Race condition issues were found in Calibre at devices/linux_mount_helper.c allowing unprivileged users the ability to mount any device to anywhere.
1.22.0+dfsg1-1~bpo70+2
Affected by 7 other vulnerabilities.
VCID-camm-fnua-aaan
Aliases:
CVE-2016-10187
The E-book viewer in calibre before 2.75 allows remote attackers to read arbitrary files via a crafted epub file with JavaScript.
2.75.1+dfsg-1
Affected by 5 other vulnerabilities.
VCID-extm-bjc7-aaap
Aliases:
CVE-2010-1028
Integer overflow in the decompression functionality in the Web Open Fonts Format (WOFF) decoder in Mozilla Firefox 3.6 before 3.6.2 and 3.7 before 3.7 alpha 3 allows remote attackers to execute arbitrary code via a crafted WOFF file that triggers a buffer overflow, as demonstrated by the vd_ff module in VulnDisco 9.0.
2.75.1+dfsg-1~bpo8+1
Affected by 6 other vulnerabilities.
VCID-fv8h-uybh-aaas
Aliases:
CVE-2024-7008
Unsanitized user-input in Calibre <= 7.15.0 allow attackers to perform reflected cross-site scripting.
5.12.0+dfsg-1+deb11u2
Affected by 2 other vulnerabilities.
VCID-gbtx-c8tt-aaak
Aliases:
CVE-2011-4125
A untrusted search path issue was found in Calibre at devices/linux_mount_helper.c leading to the ability of unprivileged users to execute any program as root.
1.22.0+dfsg1-1~bpo70+2
Affected by 7 other vulnerabilities.
VCID-jfsz-6s82-aaas
Aliases:
CVE-2018-7889
gui2/viewer/bookmarkmanager.py in Calibre 3.18 calls cPickle.load on imported bookmark data, which allows remote attackers to execute arbitrary code via a crafted .pickle file, as demonstrated by Python code that contains an os.system call.
3.39.1+dfsg-3~bpo9+1
Affected by 0 other vulnerabilities.
3.39.1+dfsg-3
Affected by 4 other vulnerabilities.
VCID-w8cc-y1jy-aaac
Aliases:
CVE-2021-44686
calibre before 5.32.0 contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service) in html_preprocess_rules in ebooks/conversion/preprocess.py.
5.12.0+dfsg-1+deb11u2
Affected by 2 other vulnerabilities.
5.44.0+dfsg-1~bpo11+1
Affected by 0 other vulnerabilities.
5.44.0+dfsg-1~bpo11+2
Affected by 0 other vulnerabilities.
VCID-wv7k-6txy-aaan
Aliases:
CVE-2011-4124
Input validation issues were found in Calibre at devices/linux_mount_helper.c which can lead to argument injection and elevation of privileges.
1.22.0+dfsg1-1~bpo70+2
Affected by 7 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-21T18:49:52.799070+00:00 Debian Oval Importer Affected by VCID-extm-bjc7-aaap https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.3
2025-06-21T17:20:47.738661+00:00 Debian Oval Importer Affected by VCID-gbtx-c8tt-aaak https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T17:11:04.733350+00:00 Debian Oval Importer Affected by VCID-56d5-5e4d-aaah https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T16:19:02.851415+00:00 Debian Oval Importer Affected by VCID-camm-fnua-aaan https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T13:47:06.443666+00:00 Debian Oval Importer Affected by VCID-extm-bjc7-aaap https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T13:33:46.025741+00:00 Debian Oval Importer Affected by VCID-jfsz-6s82-aaas https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T12:47:25.811460+00:00 Debian Oval Importer Affected by VCID-wv7k-6txy-aaan https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T00:31:54.159747+00:00 Debian Oval Importer Affected by VCID-camm-fnua-aaan None 36.1.3
2025-06-20T23:59:06.927358+00:00 Debian Oval Importer Affected by VCID-wv7k-6txy-aaan None 36.1.3
2025-06-20T23:38:43.291686+00:00 Debian Oval Importer Affected by VCID-extm-bjc7-aaap None 36.1.3
2025-06-20T23:32:30.930932+00:00 Debian Oval Importer Affected by VCID-gbtx-c8tt-aaak None 36.1.3
2025-06-20T23:26:28.372716+00:00 Debian Oval Importer Affected by VCID-56d5-5e4d-aaah None 36.1.3
2025-06-20T22:21:15.007136+00:00 Debian Oval Importer Affected by VCID-jfsz-6s82-aaas None 36.1.3
2025-06-08T11:19:43.510571+00:00 Debian Oval Importer Affected by VCID-extm-bjc7-aaap https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T10:01:50.019466+00:00 Debian Oval Importer Affected by VCID-gbtx-c8tt-aaak https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T09:52:50.850061+00:00 Debian Oval Importer Affected by VCID-56d5-5e4d-aaah https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T09:05:18.341456+00:00 Debian Oval Importer Affected by VCID-camm-fnua-aaan https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T06:41:16.714260+00:00 Debian Oval Importer Affected by VCID-extm-bjc7-aaap https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T06:27:49.851704+00:00 Debian Oval Importer Affected by VCID-jfsz-6s82-aaas https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T05:42:32.103795+00:00 Debian Oval Importer Affected by VCID-wv7k-6txy-aaan https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-07T17:54:32.912666+00:00 Debian Oval Importer Affected by VCID-camm-fnua-aaan None 36.1.0
2025-06-07T17:21:59.867638+00:00 Debian Oval Importer Affected by VCID-wv7k-6txy-aaan None 36.1.0
2025-06-07T17:01:39.457094+00:00 Debian Oval Importer Affected by VCID-extm-bjc7-aaap None 36.1.0
2025-06-07T16:55:26.309099+00:00 Debian Oval Importer Affected by VCID-gbtx-c8tt-aaak None 36.1.0
2025-06-07T16:49:23.050701+00:00 Debian Oval Importer Affected by VCID-56d5-5e4d-aaah None 36.1.0
2025-06-07T15:45:28.209703+00:00 Debian Oval Importer Affected by VCID-jfsz-6s82-aaas None 36.1.0
2025-04-13T02:00:59.256646+00:00 Debian Oval Importer Affected by VCID-4atp-nc7m-aaan https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-13T01:58:54.833868+00:00 Debian Oval Importer Affected by VCID-fv8h-uybh-aaas https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-13T01:58:08.006088+00:00 Debian Oval Importer Affected by VCID-w8cc-y1jy-aaac https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-13T01:54:20.602870+00:00 Debian Oval Importer Affected by VCID-1ze9-599r-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T22:10:29.276507+00:00 Debian Oval Importer Affected by VCID-gbtx-c8tt-aaak https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T21:17:01.990454+00:00 Debian Oval Importer Affected by VCID-camm-fnua-aaan https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T21:16:00.710074+00:00 Debian Oval Importer Affected by VCID-wv7k-6txy-aaan https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T20:55:01.263198+00:00 Debian Oval Importer Affected by VCID-jfsz-6s82-aaas https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T20:44:18.576658+00:00 Debian Oval Importer Affected by VCID-56d5-5e4d-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T17:03:41.194943+00:00 Debian Oval Importer Affected by VCID-extm-bjc7-aaap https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-08T08:34:06.887565+00:00 Debian Oval Importer Affected by VCID-gbtx-c8tt-aaak https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T08:25:03.144069+00:00 Debian Oval Importer Affected by VCID-56d5-5e4d-aaah https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T07:37:02.203877+00:00 Debian Oval Importer Affected by VCID-camm-fnua-aaan https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T05:13:43.995561+00:00 Debian Oval Importer Affected by VCID-extm-bjc7-aaap https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T05:00:08.223427+00:00 Debian Oval Importer Affected by VCID-jfsz-6s82-aaas https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T04:14:14.704943+00:00 Debian Oval Importer Affected by VCID-wv7k-6txy-aaan https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-07T16:31:19.666976+00:00 Debian Oval Importer Affected by VCID-camm-fnua-aaan None 36.0.0
2025-04-07T15:56:04.358274+00:00 Debian Oval Importer Affected by VCID-wv7k-6txy-aaan None 36.0.0
2025-04-07T15:34:53.985111+00:00 Debian Oval Importer Affected by VCID-extm-bjc7-aaap None 36.0.0
2025-04-07T15:28:26.732103+00:00 Debian Oval Importer Affected by VCID-gbtx-c8tt-aaak None 36.0.0
2025-04-07T15:22:06.307705+00:00 Debian Oval Importer Affected by VCID-56d5-5e4d-aaah None 36.0.0
2025-04-07T14:16:10.468375+00:00 Debian Oval Importer Affected by VCID-jfsz-6s82-aaas None 36.0.0
2024-11-28T14:16:45.480662+00:00 Debian Oval Importer Affected by VCID-56d5-5e4d-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-11-28T14:15:00.723873+00:00 Debian Oval Importer Affected by VCID-gbtx-c8tt-aaak https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-11-28T14:12:50.057829+00:00 Debian Oval Importer Affected by VCID-wv7k-6txy-aaan https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-11-27T15:22:06.664664+00:00 Debian Oval Importer Affected by VCID-extm-bjc7-aaap https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-10-14T00:56:32.573638+00:00 Debian Oval Importer Affected by VCID-56d5-5e4d-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-10-14T00:55:10.020767+00:00 Debian Oval Importer Affected by VCID-gbtx-c8tt-aaak https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-10-14T00:54:28.428979+00:00 Debian Oval Importer Affected by VCID-wv7k-6txy-aaan https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-10-13T09:10:06.988407+00:00 Debian Oval Importer Affected by VCID-extm-bjc7-aaap https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-09-21T04:31:40.443600+00:00 Debian Oval Importer Affected by VCID-56d5-5e4d-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1
2024-09-21T04:30:58.780407+00:00 Debian Oval Importer Affected by VCID-gbtx-c8tt-aaak https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1
2024-09-21T04:30:53.750476+00:00 Debian Oval Importer Affected by VCID-wv7k-6txy-aaan https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1
2024-09-20T21:59:15.431362+00:00 Debian Oval Importer Affected by VCID-extm-bjc7-aaap https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1