CNNVD-202507-3115 Information

CNNVD ID

CNNVD-202507-3115

Related CVE

CVE-2025-6998

• CNNVD Published: 2025-07-24

Description (Chinese)

Calibre-Web是Jan B个人开发者的一款用于浏览、阅读和下载Calibre数据库中电子书的Web应用程序。 Calibre-Web 0.6.24版本 存在安全漏洞，该漏洞源于strip_whitespaces函数存在正则表达式拒绝服务漏洞，可能导致拒绝服务攻击。

Description (English)

Calibre-Web is a Web application by Jan B Personal Developer for browsing, reading and downloading electronic books from the Calibre database. Version 0.6.24 of Calibre-Web has a security loophole, which stems from the regular expression denial service gap in the stip whitespaces function, which may lead to a denial of service attack.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-07-24

Last Modified

2026-02-24

References

https://github.com/janeczku/calibre-web https://github.com/gelbphoenix/autocaliweb https://fluidattacks.com/advisories/megadeth