Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/calibre@2.5.0%2Bdfsg-1
purl pkg:deb/debian/calibre@2.5.0%2Bdfsg-1
Next non-vulnerable version 8.16.2+ds+~0.10.5-3~bpo13+1
Latest non-vulnerable version 8.16.2+ds+~0.10.5-3~bpo13+1
Risk 4.5
Vulnerabilities affecting this package (7)
Vulnerability Summary Fixed by
VCID-4gvv-bsf9-vqca
Aliases:
CVE-2023-46303
Multiple vulnerabilities have been discovered in calibre, the worst of which could lead to remote code execution.
6.13.0+repack-2+deb12u5
Affected by 10 other vulnerabilities.
VCID-4kgm-mmjn-g3a7
Aliases:
CVE-2016-10187
The E-book viewer in calibre before 2.75 allows remote attackers to read arbitrary files via a crafted epub file with JavaScript.
2.75.1+dfsg-1
Affected by 5 other vulnerabilities.
VCID-favj-1bjh-9uff
Aliases:
CVE-2021-44686
calibre before 5.32.0 contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service) in html_preprocess_rules in ebooks/conversion/preprocess.py.
6.13.0+repack-2+deb12u5
Affected by 10 other vulnerabilities.
VCID-pa4n-csyj-wqet
Aliases:
CVE-2024-7009
Multiple vulnerabilities have been discovered in calibre, the worst of which could lead to remote code execution.
5.12.0+dfsg-1+deb11u2
Affected by 13 other vulnerabilities.
VCID-xhf1-k7jg-6ued
Aliases:
CVE-2018-7889
gui2/viewer/bookmarkmanager.py in Calibre 3.18 calls cPickle.load on imported bookmark data, which allows remote attackers to execute arbitrary code via a crafted .pickle file, as demonstrated by Python code that contains an os.system call.
3.39.1+dfsg-3
Affected by 4 other vulnerabilities.
VCID-ycp8-ws8x-3qbn
Aliases:
CVE-2024-7008
Multiple vulnerabilities have been discovered in calibre, the worst of which could lead to remote code execution.
5.12.0+dfsg-1+deb11u2
Affected by 13 other vulnerabilities.
VCID-z6j2-32tf-g7ax
Aliases:
CVE-2010-1028
Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may allow execution of arbitrary code or local privilege escalation.
2.75.1+dfsg-1~bpo8+1
Affected by 6 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T00:54:31.872431+00:00 Debian Oval Importer Affected by VCID-pa4n-csyj-wqet https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T23:13:06.501115+00:00 Debian Oval Importer Affected by VCID-ycp8-ws8x-3qbn https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T22:58:06.919980+00:00 Debian Oval Importer Affected by VCID-4kgm-mmjn-g3a7 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T22:38:03.669540+00:00 Debian Oval Importer Affected by VCID-favj-1bjh-9uff https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T22:23:57.554045+00:00 Debian Oval Importer Affected by VCID-xhf1-k7jg-6ued https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T18:53:00.158234+00:00 Debian Oval Importer Affected by VCID-4gvv-bsf9-vqca https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T16:22:13.303750+00:00 Debian Oval Importer Affected by VCID-z6j2-32tf-g7ax https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-12T00:26:55.093550+00:00 Debian Oval Importer Affected by VCID-pa4n-csyj-wqet https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T22:48:56.165499+00:00 Debian Oval Importer Affected by VCID-ycp8-ws8x-3qbn https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T22:34:27.314972+00:00 Debian Oval Importer Affected by VCID-4kgm-mmjn-g3a7 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T22:14:51.233224+00:00 Debian Oval Importer Affected by VCID-favj-1bjh-9uff https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T22:01:10.343244+00:00 Debian Oval Importer Affected by VCID-xhf1-k7jg-6ued https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T18:37:27.077229+00:00 Debian Oval Importer Affected by VCID-4gvv-bsf9-vqca https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T16:09:30.471704+00:00 Debian Oval Importer Affected by VCID-z6j2-32tf-g7ax https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-08T23:57:23.405309+00:00 Debian Oval Importer Affected by VCID-pa4n-csyj-wqet https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T22:23:35.574735+00:00 Debian Oval Importer Affected by VCID-ycp8-ws8x-3qbn https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T22:09:53.753001+00:00 Debian Oval Importer Affected by VCID-4kgm-mmjn-g3a7 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T21:51:12.093254+00:00 Debian Oval Importer Affected by VCID-favj-1bjh-9uff https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T21:38:14.475898+00:00 Debian Oval Importer Affected by VCID-xhf1-k7jg-6ued https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T18:22:35.412341+00:00 Debian Oval Importer Affected by VCID-4gvv-bsf9-vqca https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T16:02:04.476157+00:00 Debian Oval Importer Affected by VCID-z6j2-32tf-g7ax https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0