Unrated severityNVD Advisory· Published Aug 6, 2024· Updated Aug 6, 2024
Calibre SQL Injection
CVE-2024-7009
Description
Unsanitized user-input in Calibre <= 7.15.0 allow users with permissions to perform full-text searches to achieve SQL injection on the SQLite database.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <=7.15.0
- Calibre/Calibrev5Range: 7.15.0
Patches
Vulnerability mechanics
References
2- github.com/kovidgoyal/calibre/commit/d56574285e8859d3d715eb7829784ee74337b7d7mitrepatch
- starlabs.sg/advisories/24/24-7009/mitrethird-party-advisory
News mentions
0No linked articles in our index yet.