ALT Linux Team

Package calibre update in sisyphus on 2024-03-03

ALT-PU-2024-3333-2

Package calibre updated to version 7.5.1-alt1 for branch sisyphus in task 341865.

Closed vulnerabilities

Published: 2023-10-22
Modified: 2024-11-21

CVE-2023-46303

link_to_local_path in ebooks/conversion/plugins/html_input.py in calibre before 6.19.0 can, by default, add resources outside of the document root.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
References:
VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.0
Back to top