Workflow

Calibreweb

Latest version: v0.6.24

Vulnerabilities (22)

CVE/PVE Vulnerability ID Advisory Affected versions Severity Severity Score
CVE-2020-12627 42274

Affected versions of calibreweb are vulnerable to sensitive informati…
  • <0.6.7
 CRITICAL 9.8
CVE-2022-2525 62623

Affected versions of Calibreweb are vulnerable to Improper Restrictio…
  • <0.6.20
 CRITICAL 9.8
CVE-2023-2106 62874

Affected versions of Calibrewebare are vulnerable to Weak Password Re…
  • <0.6.20
 CRITICAL 9.8
CVE-2022-0939 62588

Affected versions of Calibreweb are vulnerable to Server-Side Request…
  • <0.6.18
 CRITICAL 9.9
CVE-2022-0990 62589

Affected versions of Calibreweb are vulnerable to Server-Side Request…
  • <0.6.18
 CRITICAL 9.1
CVE-2022-0406 62587

Affected versions of Calibreweb are vulnerable to Improper Authorizat…
  • <0.6.16
 MEDIUM 4.3
CVE-2022-0405 62586

Affected versions of Calibreweb are vulnerable to Improper Access Con…
  • <0.6.16
 MEDIUM 4.3
CVE-2021-3987 74255

Affected versions of calibre-web are vulnerable to Missing Authorizat…
  • <0.6.15
 MEDIUM 4.3
CVE-2021-3986 74254

Affected versions of cps in calibre-web are vulnerable to Generation …
  • <0.6.15
 MEDIUM 4.3
CVE-2021-3988 74257

Affected versions of cps in calibre-web are vulnerable to Cross-Site …
  • <0.6.15
 MEDIUM 6.1
CVE-2024-39123 72283

In janeczku Calibre-Web affectged versions, the edit_book_comments fu…
  • >=0.6.0,<=0.6.21
 - -
CVE-2021-25965 62672

In Calibre-web, versions 0.6.0 to 0.6.13 are vulnerable to Cross-Site…
  • >=0.6.0,<=0.6.13
 HIGH 8.8
CVE-2021-25964 62667

Calibreweb versions 0.6.0 to 0.6.12 are vulnerable to Stored XSS in "…
  • >=0.6.0,<0.6.12
 MEDIUM 5.4
CVE-2022-30765 54445

Affected versions of Calibreweb are vulnerable to SQL Injection in Us…
  • >=0,<0.6.18
 CRITICAL 9.8
CVE-2022-0766 54414

Affected versions of Calibreweb are vulnerable to server-side request…
  • >=0,<0.6.17
 CRITICAL 9.8
CVE-2022-0767 54419

Affected versions of Calibreweb are vulnerable to server-side request…
  • >=0,<0.6.17
 CRITICAL 9.9
CVE-2022-0352 54416

Affected versions of Calibreweb are vulnerable to cross-site scriptin…
  • >=0,<0.6.16
 MEDIUM 6.1
CVE-2022-0273 54235

Affected versions of Calibreweb are vulnerable Incorrect Authorizatio…
  • >=0,<0.6.16
 MEDIUM 6.5
CVE-2022-0339 54237

Affected versions of Calibreweb are vulnerable to server-side request…
  • >=0,<0.6.16
 CRITICAL 9.8
CVE-2021-4164 54147

Affected versions of Calibreweb are vulnerable to Cross-Site Request …
  • >=0,<0.6.15
 HIGH 8.8
CVE-2021-4171 54146

Affected versions of Calibreweb are vulnerable to Business Logic Erro…
  • >=0,<0.6.15
 CRITICAL 9.8
CVE-2021-4170 54406

Affected versions of Calibreweb are vulnerable to Improper Neutraliza…
  • >=0,<0.6.15
 MEDIUM 5.4