AVG-650

Package calibre
Status Fixed
Severity High
Type arbitrary command execution
Affected 3.18.0-1
Fixed 3.19.0-1
Current 3.40.1-1 [community]
Ticket None
Created Fri Mar 9 17:38:13 2018
Issue Severity Remote Type Description
CVE-2018-7889 High Yes Arbitrary command execution
gui2/viewer/bookmarkmanager.py in Calibre 3.18 calls cPickle.load on imported bookmark data, which allows remote attackers to execute arbitrary code via a...
Date Advisory Package Description
11 Mar 2018 ASA-201803-8 calibre arbitrary command execution