Debian Calibre vulnerabilities

23 known vulnerabilities affecting debian/calibre.

Total CVEs

23

CISA KEV

0

Public exploits

3

Exploited in wild

0

Severity breakdown

CRITICAL8HIGH8MEDIUM5LOW2

Vulnerabilities

Page 2 of 2

CVE-2011-4124CRITICALCVSS 9.8fixed in calibre 1.5.0+dfsg-1 (bookworm)2011

CVE-2011-4124 [CRITICAL] CVE-2011-4124: calibre - Input validation issues were found in Calibre at devices/linux_mount_helper.c wh... Input validation issues were found in Calibre at devices/linux_mount_helper.c which can lead to argument injection and elevation of privileges. Scope: local bookworm: resolved (fixed in 1.5.0+dfsg-1) bullseye: resolved (fixed in 1.5.0+dfsg-1) forky: resolved (fixed in 1.5.0+dfsg-1) sid: resolved (fixed in 1.5.0+dfsg-1) trixie: resolved (fixed in 1.5.0+dfsg-1)

CVE-2011-4126HIGHCVSS 8.1fixed in calibre 1.5.0+dfsg-1 (bookworm)2011

CVE-2011-4126 [HIGH] CVE-2011-4126: calibre - Race condition issues were found in Calibre at devices/linux_mount_helper.c allo... Race condition issues were found in Calibre at devices/linux_mount_helper.c allowing unprivileged users the ability to mount any device to anywhere. Scope: local bookworm: resolved (fixed in 1.5.0+dfsg-1) bullseye: resolved (fixed in 1.5.0+dfsg-1) forky: resolved (fixed in 1.5.0+dfsg-1) sid: resolved (fixed in 1.5.0+dfsg-1) trixie: resolved (fixed in 1.5.0+dfsg-1)

CVE-2010-1028CRITICALCVSS 9.3fixed in calibre 2.38.0+dfsg-1 (bookworm)2010

CVE-2010-1028 [CRITICAL] CVE-2010-1028: calibre - Integer overflow in the decompression functionality in the Web Open Fonts Format... Integer overflow in the decompression functionality in the Web Open Fonts Format (WOFF) decoder in Mozilla Firefox 3.6 before 3.6.2 and 3.7 before 3.7 alpha 3 allows remote attackers to execute arbitrary code via a crafted WOFF file that triggers a buffer overflow, as demonstrated by the vd_ff module in VulnDisco 9.0. Scope: local bookworm: resolved (fixed in 2.38

← Previous2 / 2