VYPR

Calibre

by Kovidgoyal

Source repositories

CVEs (22)

  • CVE-2011-4124Oct 27, 2021
    risk 0.00cvss epss 0.02

    Input validation issues were found in Calibre at devices/linux_mount_helper.c which can lead to argument injection and elevation of privileges.

  • CVE-2018-7889HigMar 8, 2018
    risk 0.00cvss 7.8epss 0.05

    gui2/viewer/bookmarkmanager.py in Calibre 3.18 calls cPickle.load on imported bookmark data, which allows remote attackers to execute arbitrary code via a crafted .pickle file, as demonstrated by Python code that contains an os.system call.

Page 2 of 2