calibre before 5.32.0 contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service) in htmlpreprocessrules in ebooks/conversion/preprocess.py.
{ "binaries": [ { "binary_name": "calibre", "binary_version": "2.55.0+dfsg-1ubuntu0.2" }, { "binary_name": "calibre-bin", "binary_version": "2.55.0+dfsg-1ubuntu0.2" } ] }
{ "binaries": [ { "binary_name": "calibre", "binary_version": "3.21.0+dfsg-1build1" }, { "binary_name": "calibre-bin", "binary_version": "3.21.0+dfsg-1build1" } ] }
{ "binaries": [ { "binary_name": "calibre", "binary_version": "4.99.4+dfsg+really4.12.0-1ubuntu1" }, { "binary_name": "calibre-bin", "binary_version": "4.99.4+dfsg+really4.12.0-1ubuntu1" } ] }
{ "binaries": [ { "binary_name": "calibre", "binary_version": "5.37.0+dfsg-1build1" }, { "binary_name": "calibre-bin", "binary_version": "5.37.0+dfsg-1build1" } ] }