Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/calibre@1.22.0%2Bdfsg1-1~bpo70%2B2
purl pkg:deb/debian/calibre@1.22.0%2Bdfsg1-1~bpo70%2B2
Next non-vulnerable version 8.16.2+ds+~0.10.5-3~bpo13+1
Latest non-vulnerable version 8.16.2+ds+~0.10.5-3~bpo13+1
Risk 4.5
Vulnerabilities affecting this package (7)
Vulnerability Summary Fixed by
VCID-4gvv-bsf9-vqca
Aliases:
CVE-2023-46303
Multiple vulnerabilities have been discovered in calibre, the worst of which could lead to remote code execution.
6.13.0+repack-2+deb12u5
Affected by 10 other vulnerabilities.
VCID-4kgm-mmjn-g3a7
Aliases:
CVE-2016-10187
The E-book viewer in calibre before 2.75 allows remote attackers to read arbitrary files via a crafted epub file with JavaScript.
2.75.1+dfsg-1
Affected by 5 other vulnerabilities.
VCID-favj-1bjh-9uff
Aliases:
CVE-2021-44686
calibre before 5.32.0 contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service) in html_preprocess_rules in ebooks/conversion/preprocess.py.
6.13.0+repack-2+deb12u5
Affected by 10 other vulnerabilities.
VCID-pa4n-csyj-wqet
Aliases:
CVE-2024-7009
Multiple vulnerabilities have been discovered in calibre, the worst of which could lead to remote code execution.
5.12.0+dfsg-1+deb11u2
Affected by 13 other vulnerabilities.
VCID-xhf1-k7jg-6ued
Aliases:
CVE-2018-7889
gui2/viewer/bookmarkmanager.py in Calibre 3.18 calls cPickle.load on imported bookmark data, which allows remote attackers to execute arbitrary code via a crafted .pickle file, as demonstrated by Python code that contains an os.system call.
3.39.1+dfsg-3
Affected by 4 other vulnerabilities.
VCID-ycp8-ws8x-3qbn
Aliases:
CVE-2024-7008
Multiple vulnerabilities have been discovered in calibre, the worst of which could lead to remote code execution.
5.12.0+dfsg-1+deb11u2
Affected by 13 other vulnerabilities.
VCID-z6j2-32tf-g7ax
Aliases:
CVE-2010-1028
Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may allow execution of arbitrary code or local privilege escalation.
2.75.1+dfsg-1~bpo8+1
Affected by 6 other vulnerabilities.
Vulnerabilities fixed by this package (3)
Vulnerability Summary Aliases
VCID-1uhd-3upf-nqbu Race condition issues were found in Calibre at devices/linux_mount_helper.c allowing unprivileged users the ability to mount any device to anywhere. CVE-2011-4126
VCID-qsbr-up7k-kbcr Input validation issues were found in Calibre at devices/linux_mount_helper.c which can lead to argument injection and elevation of privileges. CVE-2011-4124
VCID-stnm-9pm7-gqbv A untrusted search path issue was found in Calibre at devices/linux_mount_helper.c leading to the ability of unprivileged users to execute any program as root. CVE-2011-4125

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T00:22:36.337659+00:00 Debian Oval Importer Fixing VCID-stnm-9pm7-gqbv https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T23:13:06.497165+00:00 Debian Oval Importer Affected by VCID-ycp8-ws8x-3qbn https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T22:58:06.916505+00:00 Debian Oval Importer Affected by VCID-4kgm-mmjn-g3a7 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T22:56:38.989524+00:00 Debian Oval Importer Fixing VCID-qsbr-up7k-kbcr https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T22:38:03.666146+00:00 Debian Oval Importer Affected by VCID-favj-1bjh-9uff https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T22:23:57.550022+00:00 Debian Oval Importer Affected by VCID-xhf1-k7jg-6ued https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T22:05:46.159357+00:00 Debian Oval Importer Fixing VCID-1uhd-3upf-nqbu https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T18:53:00.154608+00:00 Debian Oval Importer Affected by VCID-4gvv-bsf9-vqca https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T16:22:13.300273+00:00 Debian Oval Importer Affected by VCID-z6j2-32tf-g7ax https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-12T00:26:55.089548+00:00 Debian Oval Importer Affected by VCID-pa4n-csyj-wqet https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T23:56:08.367926+00:00 Debian Oval Importer Fixing VCID-stnm-9pm7-gqbv https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T22:48:56.161951+00:00 Debian Oval Importer Affected by VCID-ycp8-ws8x-3qbn https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T22:34:27.311323+00:00 Debian Oval Importer Affected by VCID-4kgm-mmjn-g3a7 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T22:33:02.556828+00:00 Debian Oval Importer Fixing VCID-qsbr-up7k-kbcr https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T22:14:51.229436+00:00 Debian Oval Importer Affected by VCID-favj-1bjh-9uff https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T22:01:10.339492+00:00 Debian Oval Importer Affected by VCID-xhf1-k7jg-6ued https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T21:43:46.899342+00:00 Debian Oval Importer Fixing VCID-1uhd-3upf-nqbu https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T18:37:27.075530+00:00 Debian Oval Importer Affected by VCID-4gvv-bsf9-vqca https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T16:09:30.467539+00:00 Debian Oval Importer Affected by VCID-z6j2-32tf-g7ax https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-08T23:57:23.400557+00:00 Debian Oval Importer Affected by VCID-pa4n-csyj-wqet https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T23:27:54.735983+00:00 Debian Oval Importer Fixing VCID-stnm-9pm7-gqbv https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T22:23:35.570278+00:00 Debian Oval Importer Affected by VCID-ycp8-ws8x-3qbn https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T22:09:53.749172+00:00 Debian Oval Importer Affected by VCID-4kgm-mmjn-g3a7 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T22:08:32.775895+00:00 Debian Oval Importer Fixing VCID-qsbr-up7k-kbcr https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T21:51:12.089004+00:00 Debian Oval Importer Affected by VCID-favj-1bjh-9uff https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T21:38:14.471794+00:00 Debian Oval Importer Affected by VCID-xhf1-k7jg-6ued https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T21:21:37.948714+00:00 Debian Oval Importer Fixing VCID-1uhd-3upf-nqbu https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T18:22:35.407774+00:00 Debian Oval Importer Affected by VCID-4gvv-bsf9-vqca https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T16:02:04.470533+00:00 Debian Oval Importer Affected by VCID-z6j2-32tf-g7ax https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0