Skip to main content

Calibre CVE-2023-46303

HIGH
Server-Side Request Forgery (SSRF) (CWE-918)
2023-10-22 cve@mitre.org
7.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
None

Lifecycle Timeline

1
CVE Published
Oct 22, 2023 - 18:15 nvd
HIGH 7.5

DescriptionNVD

link_to_local_path in ebooks/conversion/plugins/html_input.py in calibre before 6.19.0 can, by default, add resources outside of the document root.

AnalysisAI

link_to_local_path in ebooks/conversion/plugins/html_input.py in calibre before 6.19.0 can, by default, add resources outside of the document root. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Technical ContextAI

This vulnerability is classified as Server-Side Request Forgery (SSRF) (CWE-918), which allows attackers to make the server perform requests to unintended internal or external resources. link_to_local_path in ebooks/conversion/plugins/html_input.py in calibre before 6.19.0 can, by default, add resources outside of the document root. Affected products include: Calibre-Ebook Calibre. Version information: before 6.19.0.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate and allowlist destination URLs, block requests to internal networks, use network segmentation.

CVE-2026-26064 HIGH POC
8.8 Feb 20

Remote code execution in Calibre 9.2.1 and earlier allows authenticated users to write arbitrary files via a path traver

CVE-2026-26065 HIGH POC
8.8 Feb 20

Calibre versions 9.2.1 and below allow authenticated users to write arbitrary files with any extension to any writable l

CVE-2026-25635 HIGH POC
8.6 Feb 06

Remote code execution in Calibre prior to version 9.2.0 through a path traversal flaw in the CHM reader allows local att

CVE-2026-25636 HIGH POC
8.2 Feb 06

Calibre 9.1.0 and earlier contains a path traversal vulnerability in EPUB conversion that allows malicious EPUB files to

CVE-2026-25731 HIGH POC
7.8 Feb 06

calibre is an e-book manager. [CVSS 7.8 HIGH]

CVE-2018-7889 HIGH POC
7.8 Mar 08

gui2/viewer/bookmarkmanager.py in Calibre 3.18 calls cPickle.load on imported bookmark data, which allows remote attacke

CVE-2024-6781 HIGH POC
7.5 Aug 06

Path traversal in Calibre <= 7.14.0 allow unauthenticated attackers to achieve arbitrary file read. Rated high severity

CVE-2021-44686 HIGH POC
7.5 Dec 07

calibre before 5.32.0 contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service) i

CVE-2024-7009 HIGH POC
7.1 Aug 06

Unsanitized user-input in Calibre <= 7.15.0 allow users with permissions to perform full-text searches to achieve SQL in

CVE-2026-27810 MEDIUM POC
6.4 Feb 27

HTTP response header injection in Calibre Content Server prior to version 9.4.0 permits authenticated users to inject ar

CVE-2024-7008 MEDIUM POC
6.1 Aug 06

Unsanitized user-input in Calibre <= 7.15.0 allow attackers to perform reflected cross-site scripting. Rated medium seve

CVE-2016-10187 MEDIUM POC
5.5 Mar 16

The E-book viewer in calibre before 2.75 allows remote attackers to read arbitrary files via a crafted epub file with Ja

Share

CVE-2023-46303 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy