Description

Unsanitized user-input in Calibre <= 7.15.0 allow users with permissions to perform full-text searches to achieve SQL injection on the SQLite database.

INFO

Published Date :

2024-08-06T03:40:33.075Z

Last Modified :

2024-08-06T13:37:59.031Z

Source :

STAR_Labs
AFFECTED PRODUCTS

The following products are affected by CVE-2024-7009 vulnerability.

Vendors Products
Calibre-ebook
  • Calibre
Kovidgoyal
  • Calibre
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-7009.

URL Resource
https://github.com/kovidgoyal/calibre/commit/d56574285e8859d3d715eb7829784ee74337b7d7 cve-icon cve-icon
https://starlabs.sg/advisories/24/24-7009/ cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact