VDB
CVE-2024-6781
CVE-2024-6781
PUBLISHED
CVSS 7.5 HIGH
Path traversal in Calibre <= 7.14.0 allow unauthenticated attackers to achieve arbitrary file read.
EPSS 93.72% · 99.9th percentile
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score
93.72%
99.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| calibre-ebook | calibre | 0 |
| Calibre | Calibre | 7.14.0 |
| calibre | calibre | 7.14.0 |
Exploit Intelligence
- https://starlabs.sg/advisories/24/24-6781/ (circl)
- https://github.com/kovidgoyal/calibre/commit/bcd0ab12c41a887f8290a9b56e46c3a29038d9c4 (circl)
- Nuclei Template: CVE-2024-6781 (nuclei-template)
- Nuclei Template: CVE-2024-6781 (nuclei-template)
- Nuclei Template: CVE-2024-6781 (nuclei-template)
- Nuclei Template: CVE-2024-6781 (nuclei-template)
- Nuclei Template: CVE-2024-6781 (nuclei-template)
- Nuclei Template: CVE-2024-6781 (nuclei-template)
- Nuclei Template: CVE-2024-6781 (nuclei-template)
Timeline
- Aug 6, 2024 EPSS Score
- Aug 6, 2024 CVE Published
- Aug 6, 2024 CVE Updated
- Aug 27, 2024 EPSS Score
- Oct 5, 2024 Coalition ESS Score
- Oct 8, 2024 EPSS Score
- Oct 29, 2024 EPSS Score
- Nov 19, 2024 EPSS Score
- Dec 11, 2024 EPSS Score
- Jan 23, 2025 EPSS Score
- Feb 13, 2025 EPSS Score
- Mar 6, 2025 EPSS Score