Calibre · Calibre · CVE-2023-46303
**Name of the Vulnerable Software and Affected Versions**
calibre versions prior to 6.19.0
**Description**
By default, `link_to_local_path` in `ebooks/conversion/plugins/html_input.py` can add resources from outside the document root.
**Recommendations**
For versions prior to 6.19.0, update to version 6.19.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the `link_to_local_path` function in `html_input.py` to minimize the risk of exploitation.
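
The following is an added example, not calibre's own code and not its 6.19.0 fix: a check that keeps linked local resources inside the document root, run over constructed sample links. The names `resolve_inside_root` and `demo` and the sample file tree are hypothetical.

```python
import os
import tempfile
from urllib.parse import unquote, urlparse


def resolve_inside_root(link, html_file, root):
    """Hypothetical helper: real path of a linked local file, or None to skip it."""
    parsed = urlparse(link)
    if parsed.scheme not in ("", "file") or parsed.netloc not in ("", "localhost"):
        return None  # remote or unknown scheme: not a local resource
    raw = unquote(parsed.path)
    if not raw or "\x00" in raw:
        return None
    # Relative links resolve against the referring file's directory; an
    # absolute link replaces that base entirely (os.path.join semantics).
    candidate = os.path.join(os.path.dirname(html_file), raw)
    # realpath collapses ".." and follows symlinks, so the decision is made
    # on the file that would actually be read.
    real, real_root = os.path.realpath(candidate), os.path.realpath(root)
    try:
        inside = os.path.commonpath([real, real_root]) == real_root
    except ValueError:  # no common path, e.g. different drives on Windows
        inside = False
    return real if inside and os.path.isfile(real) else None


def demo():
    """Classify constructed sample links against a constructed book tree."""
    with tempfile.TemporaryDirectory() as tmp:
        root = os.path.join(tmp, "book")
        os.makedirs(os.path.join(root, "images"))
        html = os.path.join(root, "index.html")
        outside = os.path.join(tmp, "secret.txt")
        for path in (html, os.path.join(root, "images", "cover.png"), outside):
            with open(path, "w") as fh:
                fh.write("x")
        os.symlink(outside, os.path.join(root, "images", "alias.png"))
        links = {
            "relative": "images/cover.png",
            "dotdot": "../secret.txt",
            "absolute": outside,
            "file_url": "file://" + outside,
            "encoded": "images/%2e%2e/../secret.txt",
            "symlink": "images/alias.png",
            "remote": "https://example.com/cover.png",
        }
        return {name: resolve_inside_root(link, html, root) is not None
                for name, link in links.items()}
```

Only the plain relative link is accepted; the symlink case is rejected because the comparison is made on resolved paths rather than on the link text.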