pkg:PyPI/calibreweb

21 total CVEs: CRITICAL 4, HIGH 2, MEDIUM 11

All known vulnerabilities

  • CRITICAL 9.9 CVE-2022-0767: Server-Side Request Forgery in calibreweb
    from 0, < 0.6.17
  • CRITICAL 9.8 CVE-2022-30765: SQL injection in calibreweb
    from 0, < 0.6.18
  • CRITICAL 9.8 CVE-2022-0766: Server-Side Request Forgery in calibreweb
    from 0, < 0.6.17
  • CRITICAL 9.8 CVE-2021-4171: calibre-web is vulnerable to Business Logic Errors
    from 0, < 0.6.15
  • HIGH 7.6 CVE-2021-4164: calibre-web is vulnerable to Cross-Site Request Forgery (CSRF)
    from 0, < 0.6.15
  • HIGH 7.3 CVE-2023-2106: Weak Password Requirements in calibreweb
    from 0, < 0.6.20
  • MEDIUM 6.5 CVE-2022-0339: Server-Side Request Forgery in calibreweb
    from 0, < 0.6.16
  • MEDIUM 6.5 CVE-2022-0339: Server-Side Request Forgery in calibreweb
    from 0, < 3b216bfa07ec7992eff03e55d61732af6df9bb92 | from 0, < 0.6.16
  • MEDIUM 6.5 CVE-2022-0273: Incorrect Authorization in calibreweb
    from 0, < 0c0313f375bed7b035c8c0482bbb09599e16bfcf | from 0, < 0.6.16
  • MEDIUM 6.5 CVE-2022-0273: Incorrect Authorization in calibreweb
    from 0, < 0.6.16
  • MEDIUM 6.1 CVE-2021-3988: Cross-site Scripting (XSS) - DOM in janeczku/calibre-web
    from 0, < 0.6.15
  • MEDIUM 6.1 CVE-2022-0352: Cross-site Scripting in calibreweb
    from 0, < 6bf07539788004513c3692c074ebc7ba4ce005e1 | from 0, < 0.6.16
  • MEDIUM 6.1 CVE-2022-0352: Cross-site Scripting in calibreweb
    from 0, < 0.6.16
  • MEDIUM 5.4 CVE-2021-3987: Improper Access Control in janeczku/calibre-web
    from 0, < 0.6.15
  • MEDIUM 5.4 CVE-2024-39123: Calibre-Web Cross Site Scripting (XSS)
    >= 0.6.0, <= 0.6.21
  • MEDIUM 5.4 CVE-2021-4170: calibre-web is vulnerable to Cross-site Scripting
    from 0, < 0.6.15
  • MEDIUM 4.3 CVE-2021-3986: Generation of Error Message Containing Sensitive Information in janeczku/calibre-web
    from 0, < 0.6.15
  • CVE-2025-65858: Calibre-Web Has a Stored Cross-Site Scripting (XSS) Vulnerability via the 'username' Field During User Creation
    from 0, <= 0.6.25
  • CVE-2025-7404: Calibre Web and Autocaliweb have OS Command Injection vulnerability
    from 0, <= 0.6.24
  • CVE-2025-6998: Calibre Web and Autocaliweb have a ReDoS vulnerability
    from 0, <= 0.6.24
  • CVE-2022-2525: Improper Restriction of Excessive Authentication Attempts in calibreweb
    from 0, < 0.6.20