CVE-2024-7009 – Calibre SQL Injection
https://notcve.org/view.php?id=CVE-2024-7009
Unsanitized user-input in Calibre <= 7.15.0 allow users with permissions to perform full-text searches to achieve SQL injection on the SQLite database. La entrada de usuario no sanitizada en Calibre <= 7.15.0 permite a los usuarios con permisos realizar búsquedas de texto completo para lograr la inyección SQL en la base de datos SQLite. • https://github.com/kovidgoyal/calibre/commit/d56574285e8859d3d715eb7829784ee74337b7d7 https://starlabs.sg/advisories/24/24-7009 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2024-7008 – Calibre Reflected Cross-Site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2024-7008
Unsanitized user-input in Calibre <= 7.15.0 allow attackers to perform reflected cross-site scripting. La entrada de usuario no sanitizada en Calibre <= 7.15.0 permite a los atacantes cross-site scripting reflejado. • https://github.com/kovidgoyal/calibre/commit/863abac24e7bc3e5ca0b3307362ff1953ba53fe0 https://starlabs.sg/advisories/24/24-7008 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2024-6782 – Calibre Remote Code Execution
https://notcve.org/view.php?id=CVE-2024-6782
Improper access control in Calibre 6.9.0 ~ 7.14.0 allow unauthenticated attackers to achieve remote code execution. El control de acceso inadecuado en Calibre 6.9.0 ~ 7.14.0 permite a atacantes no autenticados lograr la ejecución remota de código. • https://github.com/Uno13x/CVE-2024-6782-PoC https://github.com/zangjiahe/CVE-2024-6782 https://github.com/jdpsl/CVE-2024-6782 https://github.com/R4idB0Y/CVE-2024-6782-PoC https://github.com/0xB0y426/CVE-2024-6782-PoC https://github.com/kovidgoyal/calibre/commit/38a1bf50d8cd22052ae59c513816706c6445d5e9 https://starlabs.sg/advisories/24/24-6782 • CWE-863: Incorrect Authorization •
CVE-2024-6781 – Calibre Arbitrary File Read
https://notcve.org/view.php?id=CVE-2024-6781
Path traversal in Calibre <= 7.14.0 allow unauthenticated attackers to achieve arbitrary file read. El path traversal en Calibre <= 7.14.0 permite a atacantes no autenticados lograr lecturas de archivos arbitrarias. • https://github.com/kovidgoyal/calibre/commit/bcd0ab12c41a887f8290a9b56e46c3a29038d9c4 https://starlabs.sg/advisories/24/24-6781 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2023-46303
https://notcve.org/view.php?id=CVE-2023-46303
link_to_local_path in ebooks/conversion/plugins/html_input.py in calibre before 6.19.0 can, by default, add resources outside of the document root. link_to_local_path en ebooks/conversion/plugins/html_input.py en calibre anterior a 6.19.0 puede, de forma predeterminada, agregar recursos fuera del root del documento. • https://github.com/0x1717/ssrf-via-img https://github.com/kovidgoyal/calibre/compare/v6.18.1...v6.19.0 • CWE-918: Server-Side Request Forgery (SSRF) •