CVE-2021-44686

Опубликовано: 07 дек. 2021

Источник: debian

Описание

calibre before 5.32.0 contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service) in html_preprocess_rules in ebooks/conversion/preprocess.py.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
calibre	fixed	5.33.0+dfsg-1		package
calibre	no-dsa		buster	package
calibre	no-dsa		stretch	package

Примечания

https://bugs.launchpad.net/calibre/+bug/1951979
https://github.com/kovidgoyal/calibre/commit/235b7e38c197ba4a3c17531e516610af8795e348 (v5.33.0)

Связанные уязвимости

CVE-2021-44686

CVSS3: 7.5

ubuntu

около 4 лет назад

calibre before 5.32.0 contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service) in html_preprocess_rules in ebooks/conversion/preprocess.py.

CVE-2021-44686

CVSS3: 7.5

nvd

около 4 лет назад

calibre before 5.32.0 contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service) in html_preprocess_rules in ebooks/conversion/preprocess.py.

GHSA-m6m7-mf2p-99p5

CVSS3: 7.5

github

около 4 лет назад

calibre before 5.32.0 contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service) in html_preprocess_rules in ebooks/conversion/preprocess.py.