GSA_kwCzR0hTQS14cDdwLTNneDctajZ3eM0kHw

Critical EPSS: 0.00441% (0.62303 Percentile) EPSS:

Permalink JSON

calibre-web is vulnerable to Business Logic Errors

Affected Packages	Affected Versions	Fixed Versions
pypi:calibreweb	< 0.6.15	0.6.15
0 Dependent packages 1 Dependent repositories 3,036 Downloads last month Affected Version Ranges All affected versions 0.6.12, 0.6.13, 0.6.14 All unaffected versions 0.6.15, 0.6.16, 0.6.17, 0.6.18, 0.6.19, 0.6.20, 0.6.21, 0.6.22, 0.6.23, 0.6.24

References:

https://nvd.nist.gov/vuln/detail/CVE-2021-4171
https://github.com/janeczku/calibre-web/commit/3e0d8763c377d2146462811e3e4ccf13f0d312ce
https://huntr.dev/bounties/1117f439-133c-4563-afb2-6cd80607bd5c
https://github.com/advisories/GHSA-xp7p-3gx7-j6wx

Identifiers

GHSA-xp7p-3gx7-j6wx

CVE-2021-4171

Risk

Severity

Critical

EPSS

EPSS Percentage: 0.00441

EPSS Percentile: 0.62303

Classification

General

Source

GitHub Advisory Database

Origin

Unspecified

Repository

https://github.com/janeczku/calibre-web

Date and time

Published

over 3 years ago

Updated

almost 2 years ago

API

JSON

ecosyste.ms

Data

Tools

Indexes

Applications

Experiments

Advisories

GSA_kwCzR0hTQS14cDdwLTNneDctajZ3eM0kHw

calibre-web is vulnerable to Business Logic Errors

Affected Version Ranges

All affected versions

All unaffected versions

Identifiers

Risk

Severity

EPSS

Classification

Source

Origin

Repository

Date and time

Published

Updated

API