Vulnerabilities

 236 via 947 paths

Dependencies

 414

Source

 Group 6 Copy Created with Sketch. Docker

Target OS

 debian:12
Test your Docker Hub image against our market leading vulnerability database Sign up for free
Severity
  • 1
  • 1
  • 1
  • 233
Status
  • 236
  • 0
  • 0

critical severity

Integer Overflow or Wraparound

  • Vulnerable module: zlib/zlib1g
  • Introduced through: zlib/zlib1g@1:1.2.13.dfsg-1 and zlib/zlib1g-dev@1:1.2.13.dfsg-1

Detailed paths

  • Introduced through: node@latest zlib/zlib1g@1:1.2.13.dfsg-1
  • Introduced through: node@latest zlib/zlib1g-dev@1:1.2.13.dfsg-1

NVD Description

Note: Versions mentioned in the description apply only to the upstream zlib package and not the zlib package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE: pyminizip through 0.2.6 is also vulnerable because it bundles an affected zlib version, and exposes the applicable MiniZip code through its compress API.

Remediation

There is no fixed version for Debian:12 zlib.

References

Integer Overflow or Wraparound vulnerability report

high severity

Use After Free

  • Vulnerable module: libxslt/libxslt1-dev
  • Introduced through: libxslt/libxslt1-dev@1.1.35-1+deb12u3 and libxslt/libxslt1.1@1.1.35-1+deb12u3

Detailed paths

  • Introduced through: node@latest libxslt/libxslt1-dev@1.1.35-1+deb12u3
  • Introduced through: node@latest libxslt/libxslt1.1@1.1.35-1+deb12u3

NVD Description

Note: Versions mentioned in the description apply only to the upstream libxslt package and not the libxslt package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key() process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may access freed memory, causing crashes or enabling attackers to trigger heap corruption.

Remediation

There is no fixed version for Debian:12 libxslt.

References

Use After Free vulnerability report

medium severity
new

Uncontrolled Recursion

  • Vulnerable module: libxml2
  • Introduced through: libxml2@2.9.14+dfsg-1.3~deb12u5 and libxml2/libxml2-dev@2.9.14+dfsg-1.3~deb12u5

Detailed paths

  • Introduced through: node@latest libxml2@2.9.14+dfsg-1.3~deb12u5
  • Introduced through: node@latest libxml2/libxml2-dev@2.9.14+dfsg-1.3~deb12u5

NVD Description

Note: Versions mentioned in the description apply only to the upstream libxml2 package and not the libxml2 package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A flaw was found in libxml2, an XML parsing library. This uncontrolled recursion vulnerability occurs in the xmlCatalogXMLResolveURI function when an XML catalog contains a delegate URI entry that references itself. A remote attacker could exploit this configuration-dependent issue by providing a specially crafted XML catalog, leading to infinite recursion and call stack exhaustion. This ultimately results in a segmentation fault, causing a Denial of Service (DoS) by crashing affected applications.

Remediation

There is no fixed version for Debian:12 libxml2.

References

Uncontrolled Recursion vulnerability report

low severity

Out-of-bounds Write

  • Vulnerable module: aom/libaom3
  • Introduced through: aom/libaom3@3.6.0-1+deb12u2

Detailed paths

  • Introduced through: node@latest aom/libaom3@3.6.0-1+deb12u2

NVD Description

Note: Versions mentioned in the description apply only to the upstream aom package and not the aom package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

Increasing the resolution of video frames, while performing a multi-threaded encode, can result in a heap overflow in av1_loop_restoration_dealloc().

Remediation

There is no fixed version for Debian:12 aom.

References

Out-of-bounds Write vulnerability report

low severity

Out-of-Bounds

  • Vulnerable module: glibc/libc-bin
  • Introduced through: glibc/libc-bin@2.36-9+deb12u13, glibc/libc-dev-bin@2.36-9+deb12u13 and others

Detailed paths

  • Introduced through: node@latest glibc/libc-bin@2.36-9+deb12u13
  • Introduced through: node@latest glibc/libc-dev-bin@2.36-9+deb12u13
  • Introduced through: node@latest glibc/libc6@2.36-9+deb12u13
  • Introduced through: node@latest glibc/libc6-dev@2.36-9+deb12u13

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat.

Remediation

There is no fixed version for Debian:12 glibc.

References

Out-of-Bounds vulnerability report

low severity

OS Command Injection

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.11.60+dfsg-1.6+deb12u5, imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.6+deb12u5 and others

Detailed paths

  • Introduced through: node@latest imagemagick@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/imagemagick-6.q16@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-6-arch-config@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-6-headers@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-6.q16-6@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-6.q16-6-extra@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-6.q16-dev@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-dev@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickwand-6-headers@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickwand-6.q16-6@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickwand-6.q16-dev@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickwand-dev@8:6.9.11.60+dfsg-1.6+deb12u5

NVD Description

Note: Versions mentioned in the description apply only to the upstream imagemagick package and not the imagemagick package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A vulnerability was found in ImageMagick. This security flaw cause a remote code execution vulnerability in OpenBlob with --enable-pipes configured.

Remediation

There is no fixed version for Debian:12 imagemagick.

References

OS Command Injection vulnerability report

low severity

CVE-2005-2541

  • Vulnerable module: tar
  • Introduced through: tar@1.34+dfsg-1.2+deb12u1

Detailed paths

  • Introduced through: node@latest tar@1.34+dfsg-1.2+deb12u1

NVD Description

Note: Versions mentioned in the description apply only to the upstream tar package and not the tar package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges.

Remediation

There is no fixed version for Debian:12 tar.

References

CVE-2005-2541 vulnerability report

low severity

Out-of-bounds Write

  • Vulnerable module: openexr/libopenexr-3-1-30
  • Introduced through: openexr/libopenexr-3-1-30@3.1.5-5 and openexr/libopenexr-dev@3.1.5-5

Detailed paths

  • Introduced through: node@latest openexr/libopenexr-3-1-30@3.1.5-5
  • Introduced through: node@latest openexr/libopenexr-dev@3.1.5-5

NVD Description

Note: Versions mentioned in the description apply only to the upstream openexr package and not the openexr package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundation OpenEX image parsing library version 3.2.1 and prior is susceptible to a heap-based buffer overflow vulnerability. This issue was resolved as of versions v3.2.2 and v3.1.12 of the affected library.

Remediation

There is no fixed version for Debian:12 openexr.

References

Out-of-bounds Write vulnerability report

low severity

Out-of-bounds Read

  • Vulnerable module: python3.11
  • Introduced through: python3.11@3.11.2-6+deb12u6, python3.11/libpython3.11-minimal@3.11.2-6+deb12u6 and others

Detailed paths

  • Introduced through: node@latest python3.11@3.11.2-6+deb12u6
  • Introduced through: node@latest python3.11/libpython3.11-minimal@3.11.2-6+deb12u6
  • Introduced through: node@latest python3.11/libpython3.11-stdlib@3.11.2-6+deb12u6
  • Introduced through: node@latest python3.11/python3.11-minimal@3.11.2-6+deb12u6

NVD Description

Note: Versions mentioned in the description apply only to the upstream python3.11 package and not the python3.11 package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This allows a malicious server to cause the client to read large amounts of data into memory, potentially causing OOM or other DoS.

Remediation

There is no fixed version for Debian:12 python3.11.

References

Out-of-bounds Read vulnerability report

low severity

CVE-2025-7458

  • Vulnerable module: sqlite3/libsqlite3-0
  • Introduced through: sqlite3/libsqlite3-0@3.40.1-2+deb12u2 and sqlite3/libsqlite3-dev@3.40.1-2+deb12u2

Detailed paths

  • Introduced through: node@latest sqlite3/libsqlite3-0@3.40.1-2+deb12u2
  • Introduced through: node@latest sqlite3/libsqlite3-dev@3.40.1-2+deb12u2

NVD Description

Note: Versions mentioned in the description apply only to the upstream sqlite3 package and not the sqlite3 package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

An integer overflow in the sqlite3KeyInfoFromExprList function in SQLite versions 3.39.2 through 3.41.1 allows an attacker with the ability to execute arbitrary SQL statements to cause a denial of service or disclose sensitive information from process memory via a crafted SELECT statement with a large number of expressions in the ORDER BY clause.

Remediation

There is no fixed version for Debian:12 sqlite3.

References

CVE-2025-7458 vulnerability report

low severity

Improper Encoding or Escaping of Output

  • Vulnerable module: git
  • Introduced through: git@1:2.39.5-0+deb12u3 and git/git-man@1:2.39.5-0+deb12u3

Detailed paths

  • Introduced through: node@latest git@1:2.39.5-0+deb12u3
  • Introduced through: node@latest git/git-man@1:2.39.5-0+deb12u3

NVD Description

Note: Versions mentioned in the description apply only to the upstream git package and not the git package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

Git is a source code management tool. When cloning from a server (or fetching, or pushing), informational or error messages are transported from the remote Git process to the client via the so-called "sideband channel". These messages will be prefixed with "remote:" and printed directly to the standard error output. Typically, this standard error output is connected to a terminal that understands ANSI escape sequences, which Git did not protect against. Most modern terminals support control sequences that can be used by a malicious actor to hide and misrepresent information, or to mislead the user into executing untrusted scripts. As requested on the git-security mailing list, the patches are under discussion on the public mailing list. Users are advised to update as soon as possible. Users unable to upgrade should avoid recursive clones unless they are from trusted sources.

Remediation

There is no fixed version for Debian:12 git.

References

Improper Encoding or Escaping of Output vulnerability report

low severity

CVE-2019-1010023

  • Vulnerable module: glibc/libc-bin
  • Introduced through: glibc/libc-bin@2.36-9+deb12u13, glibc/libc-dev-bin@2.36-9+deb12u13 and others

Detailed paths

  • Introduced through: node@latest glibc/libc-bin@2.36-9+deb12u13
  • Introduced through: node@latest glibc/libc-dev-bin@2.36-9+deb12u13
  • Introduced through: node@latest glibc/libc6@2.36-9+deb12u13
  • Introduced through: node@latest glibc/libc6-dev@2.36-9+deb12u13

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat.

Remediation

There is no fixed version for Debian:12 glibc.

References

CVE-2019-1010023 vulnerability report

low severity

CVE-2023-49463

  • Vulnerable module: libheif/libheif1
  • Introduced through: libheif/libheif1@1.15.1-1+deb12u1

Detailed paths

  • Introduced through: node@latest libheif/libheif1@1.15.1-1+deb12u1

NVD Description

Note: Versions mentioned in the description apply only to the upstream libheif package and not the libheif package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

libheif v1.17.5 was discovered to contain a segmentation violation via the function find_exif_tag at /libheif/exif.cc.

Remediation

There is no fixed version for Debian:12 libheif.

References

CVE-2023-49463 vulnerability report

low severity

Out-of-Bounds

  • Vulnerable module: libwmf/libwmf-0.2-7
  • Introduced through: libwmf/libwmf-0.2-7@0.2.12-5.1, libwmf/libwmf-dev@0.2.12-5.1 and others

Detailed paths

  • Introduced through: node@latest libwmf/libwmf-0.2-7@0.2.12-5.1
  • Introduced through: node@latest libwmf/libwmf-dev@0.2.12-5.1
  • Introduced through: node@latest libwmf/libwmflite-0.2-7@0.2.12-5.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream libwmf package and not the libwmf package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.x before 5.3.1, and the GD Graphics Library 2.x, does not properly verify a certain colorsTotal structure member, which might allow remote attackers to conduct buffer overflow or buffer over-read attacks via a crafted GD file, a different vulnerability than CVE-2009-3293. NOTE: some of these details are obtained from third party information.

Remediation

There is no fixed version for Debian:12 libwmf.

References

Out-of-Bounds vulnerability report

low severity

Integer Overflow or Wraparound

  • Vulnerable module: openjpeg2/libopenjp2-7
  • Introduced through: openjpeg2/libopenjp2-7@2.5.0-2+deb12u2 and openjpeg2/libopenjp2-7-dev@2.5.0-2+deb12u2

Detailed paths

  • Introduced through: node@latest openjpeg2/libopenjp2-7@2.5.0-2+deb12u2
  • Introduced through: node@latest openjpeg2/libopenjp2-7-dev@2.5.0-2+deb12u2

NVD Description

Note: Versions mentioned in the description apply only to the upstream openjpeg2 package and not the openjpeg2 package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

An integer overflow vulnerability was found in tiftoimage function in openjpeg 2.1.2, resulting in heap buffer overflow.

Remediation

There is no fixed version for Debian:12 openjpeg2.

References

Integer Overflow or Wraparound vulnerability report

low severity

Out-of-Bounds

  • Vulnerable module: openjpeg2/libopenjp2-7
  • Introduced through: openjpeg2/libopenjp2-7@2.5.0-2+deb12u2 and openjpeg2/libopenjp2-7-dev@2.5.0-2+deb12u2

Detailed paths

  • Introduced through: node@latest openjpeg2/libopenjp2-7@2.5.0-2+deb12u2
  • Introduced through: node@latest openjpeg2/libopenjp2-7-dev@2.5.0-2+deb12u2

NVD Description

Note: Versions mentioned in the description apply only to the upstream openjpeg2 package and not the openjpeg2 package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

An infinite loop vulnerability in tiftoimage that results in heap buffer overflow in convert_32s_C1P1 was found in openjpeg 2.1.2.

Remediation

There is no fixed version for Debian:12 openjpeg2.

References

Out-of-Bounds vulnerability report

low severity

Out-of-bounds Write

  • Vulnerable module: openjpeg2/libopenjp2-7
  • Introduced through: openjpeg2/libopenjp2-7@2.5.0-2+deb12u2 and openjpeg2/libopenjp2-7-dev@2.5.0-2+deb12u2

Detailed paths

  • Introduced through: node@latest openjpeg2/libopenjp2-7@2.5.0-2+deb12u2
  • Introduced through: node@latest openjpeg2/libopenjp2-7-dev@2.5.0-2+deb12u2

NVD Description

Note: Versions mentioned in the description apply only to the upstream openjpeg2 package and not the openjpeg2 package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

An issue was discovered in OpenJPEG 2.3.0. A heap-based buffer overflow was discovered in the function t2_encode_packet in lib/openmj2/t2.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly unspecified other impact.

Remediation

There is no fixed version for Debian:12 openjpeg2.

References

Out-of-bounds Write vulnerability report

low severity

Improper Certificate Validation

  • Vulnerable module: perl
  • Introduced through: perl@5.36.0-7+deb12u3, perl/libperl5.36@5.36.0-7+deb12u3 and others

Detailed paths

  • Introduced through: node@latest perl@5.36.0-7+deb12u3
  • Introduced through: node@latest perl/libperl5.36@5.36.0-7+deb12u3
  • Introduced through: node@latest perl/perl-base@5.36.0-7+deb12u3
  • Introduced through: node@latest perl/perl-modules-5.36@5.36.0-7+deb12u3

NVD Description

Note: Versions mentioned in the description apply only to the upstream perl package and not the perl package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates.

Remediation

There is no fixed version for Debian:12 perl.

References

Improper Certificate Validation vulnerability report

low severity

Out-of-Bounds

  • Vulnerable module: binutils
  • Introduced through: binutils@2.40-2, binutils/binutils-common@2.40-2 and others

Detailed paths

  • Introduced through: node@latest binutils@2.40-2
  • Introduced through: node@latest binutils/binutils-common@2.40-2
  • Introduced through: node@latest binutils/binutils-x86-64-linux-gnu@2.40-2
  • Introduced through: node@latest binutils/libbinutils@2.40-2
  • Introduced through: node@latest binutils/libctf-nobfd0@2.40-2
  • Introduced through: node@latest binutils/libctf0@2.40-2
  • Introduced through: node@latest binutils/libgprofng0@2.40-2

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A vulnerability classified as critical has been found in GNU Binutils up to 2.44. This affects the function debug_type_samep of the file /binutils/debug.c of the component objdump. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue.

Remediation

There is no fixed version for Debian:12 binutils.

References

Out-of-Bounds vulnerability report

low severity

Out-of-Bounds

  • Vulnerable module: binutils
  • Introduced through: binutils@2.40-2, binutils/binutils-common@2.40-2 and others

Detailed paths

  • Introduced through: node@latest binutils@2.40-2
  • Introduced through: node@latest binutils/binutils-common@2.40-2
  • Introduced through: node@latest binutils/binutils-x86-64-linux-gnu@2.40-2
  • Introduced through: node@latest binutils/libbinutils@2.40-2
  • Introduced through: node@latest binutils/libctf-nobfd0@2.40-2
  • Introduced through: node@latest binutils/libctf0@2.40-2
  • Introduced through: node@latest binutils/libgprofng0@2.40-2

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A vulnerability was found in GNU Binutils up to 2.44. It has been rated as critical. Affected by this issue is the function elf_gc_sweep of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to version 2.45 is able to address this issue. It is recommended to upgrade the affected component.

Remediation

There is no fixed version for Debian:12 binutils.

References

Out-of-Bounds vulnerability report

low severity

Out-of-Bounds

  • Vulnerable module: binutils
  • Introduced through: binutils@2.40-2, binutils/binutils-common@2.40-2 and others

Detailed paths

  • Introduced through: node@latest binutils@2.40-2
  • Introduced through: node@latest binutils/binutils-common@2.40-2
  • Introduced through: node@latest binutils/binutils-x86-64-linux-gnu@2.40-2
  • Introduced through: node@latest binutils/libbinutils@2.40-2
  • Introduced through: node@latest binutils/libctf-nobfd0@2.40-2
  • Introduced through: node@latest binutils/libctf0@2.40-2
  • Introduced through: node@latest binutils/libgprofng0@2.40-2

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A vulnerability, which was classified as problematic, has been found in GNU Binutils 2.45. Affected by this issue is the function bfd_elf_set_group_contents of the file bfd/elf.c. The manipulation leads to out-of-bounds write. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The name of the patch is 41461010eb7c79fee7a9d5f6209accdaac66cc6b. It is recommended to apply a patch to fix this issue.

Remediation

There is no fixed version for Debian:12 binutils.

References

Out-of-Bounds vulnerability report

low severity

Out-of-Bounds

  • Vulnerable module: binutils
  • Introduced through: binutils@2.40-2, binutils/binutils-common@2.40-2 and others

Detailed paths

  • Introduced through: node@latest binutils@2.40-2
  • Introduced through: node@latest binutils/binutils-common@2.40-2
  • Introduced through: node@latest binutils/binutils-x86-64-linux-gnu@2.40-2
  • Introduced through: node@latest binutils/libbinutils@2.40-2
  • Introduced through: node@latest binutils/libctf-nobfd0@2.40-2
  • Introduced through: node@latest binutils/libctf0@2.40-2
  • Introduced through: node@latest binutils/libgprofng0@2.40-2

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A vulnerability classified as problematic was found in GNU Binutils 2.45. Affected by this vulnerability is the function copy_section of the file binutils/objcopy.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The patch is named 08c3cbe5926e4d355b5cb70bbec2b1eeb40c2944. It is recommended to apply a patch to fix this issue.

Remediation

There is no fixed version for Debian:12 binutils.

References

Out-of-Bounds vulnerability report

low severity

Out-of-Bounds

  • Vulnerable module: binutils
  • Introduced through: binutils@2.40-2, binutils/binutils-common@2.40-2 and others

Detailed paths

  • Introduced through: node@latest binutils@2.40-2
  • Introduced through: node@latest binutils/binutils-common@2.40-2
  • Introduced through: node@latest binutils/binutils-x86-64-linux-gnu@2.40-2
  • Introduced through: node@latest binutils/libbinutils@2.40-2
  • Introduced through: node@latest binutils/libctf-nobfd0@2.40-2
  • Introduced through: node@latest binutils/libctf0@2.40-2
  • Introduced through: node@latest binutils/libgprofng0@2.40-2

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A flaw has been found in GNU Binutils 2.45. Impacted is the function _bfd_elf_parse_eh_frame of the file bfd/elf-eh-frame.c of the component Linker. Executing manipulation can lead to heap-based buffer overflow. The attack is restricted to local execution. The exploit has been published and may be used. This patch is called ea1a0737c7692737a644af0486b71e4a392cbca8. A patch should be applied to remediate this issue. The code maintainer replied with "[f]ixed for 2.46".

Remediation

There is no fixed version for Debian:12 binutils.

References

Out-of-Bounds vulnerability report

low severity

Out-of-Bounds

  • Vulnerable module: binutils
  • Introduced through: binutils@2.40-2, binutils/binutils-common@2.40-2 and others

Detailed paths

  • Introduced through: node@latest binutils@2.40-2
  • Introduced through: node@latest binutils/binutils-common@2.40-2
  • Introduced through: node@latest binutils/binutils-x86-64-linux-gnu@2.40-2
  • Introduced through: node@latest binutils/libbinutils@2.40-2
  • Introduced through: node@latest binutils/libctf-nobfd0@2.40-2
  • Introduced through: node@latest binutils/libctf0@2.40-2
  • Introduced through: node@latest binutils/libgprofng0@2.40-2

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A vulnerability has been found in GNU Binutils 2.45. The affected element is the function elf_swap_shdr in the library bfd/elfcode.h of the component Linker. The manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit has been disclosed to the public and may be used. The identifier of the patch is 9ca499644a21ceb3f946d1c179c38a83be084490. To fix this issue, it is recommended to deploy a patch. The code maintainer replied with "[f]ixed for 2.46".

Remediation

There is no fixed version for Debian:12 binutils.

References

Out-of-Bounds vulnerability report

low severity

Out-of-Bounds

  • Vulnerable module: elfutils/libelf1
  • Introduced through: elfutils/libelf1@0.188-2.1

Detailed paths

  • Introduced through: node@latest elfutils/libelf1@0.188-2.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream elfutils package and not the elfutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A vulnerability, which was classified as critical, was found in GNU elfutils 0.192. This affects the function process_symtab of the file readelf.c of the component eu-readelf. The manipulation of the argument D/a leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier of the patch is 5e5c0394d82c53e97750fe7b18023e6f84157b81. It is recommended to apply a patch to fix this issue.

Remediation

There is no fixed version for Debian:12 elfutils.

References

Out-of-Bounds vulnerability report

low severity

Out-of-Bounds

  • Vulnerable module: elfutils/libelf1
  • Introduced through: elfutils/libelf1@0.188-2.1

Detailed paths

  • Introduced through: node@latest elfutils/libelf1@0.188-2.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream elfutils package and not the elfutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A vulnerability was found in GNU elfutils 0.192. It has been declared as critical. Affected by this vulnerability is the function dump_data_section/print_string_section of the file readelf.c of the component eu-readelf. The manipulation of the argument z/x leads to buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of the patch is 73db9d2021cab9e23fd734b0a76a612d52a6f1db. It is recommended to apply a patch to fix this issue.

Remediation

There is no fixed version for Debian:12 elfutils.

References

Out-of-Bounds vulnerability report

low severity

Out-of-Bounds

  • Vulnerable module: tiff/libtiff-dev
  • Introduced through: tiff/libtiff-dev@4.5.0-6+deb12u3, tiff/libtiff6@4.5.0-6+deb12u3 and others

Detailed paths

  • Introduced through: node@latest tiff/libtiff-dev@4.5.0-6+deb12u3
  • Introduced through: node@latest tiff/libtiff6@4.5.0-6+deb12u3
  • Introduced through: node@latest tiff/libtiffxx6@4.5.0-6+deb12u3

NVD Description

Note: Versions mentioned in the description apply only to the upstream tiff package and not the tiff package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as critical. This vulnerability affects the function get_histogram of the file tools/tiffmedian.c. The manipulation leads to use after free. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The patch is identified as fe10872e53efba9cc36c66ac4ab3b41a839d5172. It is recommended to apply a patch to fix this issue.

Remediation

There is no fixed version for Debian:12 tiff.

References

Out-of-Bounds vulnerability report

low severity

Out-of-Bounds

  • Vulnerable module: tiff/libtiff-dev
  • Introduced through: tiff/libtiff-dev@4.5.0-6+deb12u3, tiff/libtiff6@4.5.0-6+deb12u3 and others

Detailed paths

  • Introduced through: node@latest tiff/libtiff-dev@4.5.0-6+deb12u3
  • Introduced through: node@latest tiff/libtiff6@4.5.0-6+deb12u3
  • Introduced through: node@latest tiff/libtiffxx6@4.5.0-6+deb12u3

NVD Description

Note: Versions mentioned in the description apply only to the upstream tiff package and not the tiff package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A vulnerability was found in LibTIFF up to 4.7.0. It has been rated as critical. This issue affects the function setrow of the file tools/thumbnail.c. The manipulation leads to buffer overflow. An attack has to be approached locally. The patch is named e8c9d6c616b19438695fd829e58ae4fde5bfbc22. It is recommended to apply a patch to fix this issue. This vulnerability only affects products that are no longer supported by the maintainer.

Remediation

There is no fixed version for Debian:12 tiff.

References

Out-of-Bounds vulnerability report

low severity

Out-of-Bounds

  • Vulnerable module: aom/libaom3
  • Introduced through: aom/libaom3@3.6.0-1+deb12u2

Detailed paths

  • Introduced through: node@latest aom/libaom3@3.6.0-1+deb12u2

NVD Description

Note: Versions mentioned in the description apply only to the upstream aom package and not the aom package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

AOMedia v3.0.0 to v3.5.0 was discovered to contain an invalid read memory access via the component assign_frame_buffer_p in av1/common/av1_common_int.h.

Remediation

There is no fixed version for Debian:12 aom.

References

Out-of-Bounds vulnerability report

low severity
new

CVE-2025-66864

  • Vulnerable module: binutils
  • Introduced through: binutils@2.40-2, binutils/binutils-common@2.40-2 and others

Detailed paths

  • Introduced through: node@latest binutils@2.40-2
  • Introduced through: node@latest binutils/binutils-common@2.40-2
  • Introduced through: node@latest binutils/binutils-x86-64-linux-gnu@2.40-2
  • Introduced through: node@latest binutils/libbinutils@2.40-2
  • Introduced through: node@latest binutils/libctf-nobfd0@2.40-2
  • Introduced through: node@latest binutils/libctf0@2.40-2
  • Introduced through: node@latest binutils/libgprofng0@2.40-2

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

An issue was discovered in function d_print_comp_inner in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file.

Remediation

There is no fixed version for Debian:12 binutils.

References

CVE-2025-66864 vulnerability report

low severity
new

CVE-2025-66866

  • Vulnerable module: binutils
  • Introduced through: binutils@2.40-2, binutils/binutils-common@2.40-2 and others

Detailed paths

  • Introduced through: node@latest binutils@2.40-2
  • Introduced through: node@latest binutils/binutils-common@2.40-2
  • Introduced through: node@latest binutils/binutils-x86-64-linux-gnu@2.40-2
  • Introduced through: node@latest binutils/libbinutils@2.40-2
  • Introduced through: node@latest binutils/libctf-nobfd0@2.40-2
  • Introduced through: node@latest binutils/libctf0@2.40-2
  • Introduced through: node@latest binutils/libgprofng0@2.40-2

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

An issue was discovered in function d_abi_tags in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file.

Remediation

There is no fixed version for Debian:12 binutils.

References

CVE-2025-66866 vulnerability report

low severity

Out-of-Bounds

  • Vulnerable module: binutils
  • Introduced through: binutils@2.40-2, binutils/binutils-common@2.40-2 and others

Detailed paths

  • Introduced through: node@latest binutils@2.40-2
  • Introduced through: node@latest binutils/binutils-common@2.40-2
  • Introduced through: node@latest binutils/binutils-x86-64-linux-gnu@2.40-2
  • Introduced through: node@latest binutils/libbinutils@2.40-2
  • Introduced through: node@latest binutils/libctf-nobfd0@2.40-2
  • Introduced through: node@latest binutils/libctf0@2.40-2
  • Introduced through: node@latest binutils/libgprofng0@2.40-2

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A vulnerability, which was classified as problematic, was found in GNU Binutils up to 2.43. This affects the function disassemble_bytes of the file binutils/objdump.c. The manipulation of the argument buf leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 2.44 is able to address this issue. The identifier of the patch is baac6c221e9d69335bf41366a1c7d87d8ab2f893. It is recommended to upgrade the affected component.

Remediation

There is no fixed version for Debian:12 binutils.

References

Out-of-Bounds vulnerability report

low severity

Out-of-Bounds

  • Vulnerable module: binutils
  • Introduced through: binutils@2.40-2, binutils/binutils-common@2.40-2 and others

Detailed paths

  • Introduced through: node@latest binutils@2.40-2
  • Introduced through: node@latest binutils/binutils-common@2.40-2
  • Introduced through: node@latest binutils/binutils-x86-64-linux-gnu@2.40-2
  • Introduced through: node@latest binutils/libbinutils@2.40-2
  • Introduced through: node@latest binutils/libctf-nobfd0@2.40-2
  • Introduced through: node@latest binutils/libctf0@2.40-2
  • Introduced through: node@latest binutils/libgprofng0@2.40-2

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A vulnerability was found in GNU Binutils 2.43. It has been rated as critical. Affected by this issue is the function bfd_putl64 of the file bfd/libbfd.c of the component ld. The manipulation leads to memory corruption. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 2.44 is able to address this issue. It is recommended to upgrade the affected component. The code maintainer explains, that "[t]his bug has been fixed at some point between the 2.43 and 2.44 releases".

Remediation

There is no fixed version for Debian:12 binutils.

References

Out-of-Bounds vulnerability report

low severity

Out-of-Bounds

  • Vulnerable module: elfutils/libelf1
  • Introduced through: elfutils/libelf1@0.188-2.1

Detailed paths

  • Introduced through: node@latest elfutils/libelf1@0.188-2.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream elfutils package and not the elfutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A vulnerability has been found in GNU elfutils 0.192 and classified as critical. This vulnerability affects the function __libdw_thread_tail in the library libdw_alloc.c of the component eu-readelf. The manipulation of the argument w leads to memory corruption. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The name of the patch is 2636426a091bd6c6f7f02e49ab20d4cdc6bfc753. It is recommended to apply a patch to fix this issue.

Remediation

There is no fixed version for Debian:12 elfutils.

References

Out-of-Bounds vulnerability report

low severity

Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')

  • Vulnerable module: expat/libexpat1
  • Introduced through: expat/libexpat1@2.5.0-1+deb12u2 and expat/libexpat1-dev@2.5.0-1+deb12u2

Detailed paths

  • Introduced through: node@latest expat/libexpat1@2.5.0-1+deb12u2
  • Introduced through: node@latest expat/libexpat1-dev@2.5.0-1+deb12u2

NVD Description

Note: Versions mentioned in the description apply only to the upstream expat package and not the expat package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).

Remediation

There is no fixed version for Debian:12 expat.

References

Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') vulnerability report

low severity

Exposure of Resource to Wrong Sphere

  • Vulnerable module: git
  • Introduced through: git@1:2.39.5-0+deb12u3 and git/git-man@1:2.39.5-0+deb12u3

Detailed paths

  • Introduced through: node@latest git@1:2.39.5-0+deb12u3
  • Introduced through: node@latest git/git-man@1:2.39.5-0+deb12u3

NVD Description

Note: Versions mentioned in the description apply only to the upstream git package and not the git package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

The --mirror documentation for Git through 2.35.1 does not mention the availability of deleted content, aka the "GitBleed" issue. This could present a security risk if information-disclosure auditing processes rely on a clone operation without the --mirror option. Note: This has been disputed by multiple 3rd parties who believe this is an intended feature of the git binary and does not pose a security risk.

Remediation

There is no fixed version for Debian:12 git.

References

Exposure of Resource to Wrong Sphere vulnerability report

low severity

Uncontrolled Recursion

  • Vulnerable module: glibc/libc-bin
  • Introduced through: glibc/libc-bin@2.36-9+deb12u13, glibc/libc-dev-bin@2.36-9+deb12u13 and others

Detailed paths

  • Introduced through: node@latest glibc/libc-bin@2.36-9+deb12u13
  • Introduced through: node@latest glibc/libc-dev-bin@2.36-9+deb12u13
  • Introduced through: node@latest glibc/libc6@2.36-9+deb12u13
  • Introduced through: node@latest glibc/libc6-dev@2.36-9+deb12u13

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\227|)(\1\1|t1|\\2537)+' in grep.

Remediation

There is no fixed version for Debian:12 glibc.

References

Uncontrolled Recursion vulnerability report

low severity

Uncontrolled Recursion

  • Vulnerable module: glibc/libc-bin
  • Introduced through: glibc/libc-bin@2.36-9+deb12u13, glibc/libc-dev-bin@2.36-9+deb12u13 and others

Detailed paths

  • Introduced through: node@latest glibc/libc-bin@2.36-9+deb12u13
  • Introduced through: node@latest glibc/libc-dev-bin@2.36-9+deb12u13
  • Introduced through: node@latest glibc/libc6@2.36-9+deb12u13
  • Introduced through: node@latest glibc/libc6-dev@2.36-9+deb12u13

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\1\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern

Remediation

There is no fixed version for Debian:12 glibc.

References

Uncontrolled Recursion vulnerability report

low severity

Allocation of Resources Without Limits or Throttling

  • Vulnerable module: harfbuzz/libharfbuzz0b
  • Introduced through: harfbuzz/libharfbuzz0b@6.0.0+dfsg-3

Detailed paths

  • Introduced through: node@latest harfbuzz/libharfbuzz0b@6.0.0+dfsg-3

NVD Description

Note: Versions mentioned in the description apply only to the upstream harfbuzz package and not the harfbuzz package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks.

Remediation

There is no fixed version for Debian:12 harfbuzz.

References

Allocation of Resources Without Limits or Throttling vulnerability report

low severity

Divide By Zero

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.11.60+dfsg-1.6+deb12u5, imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.6+deb12u5 and others

Detailed paths

  • Introduced through: node@latest imagemagick@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/imagemagick-6.q16@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-6-arch-config@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-6-headers@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-6.q16-6@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-6.q16-6-extra@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-6.q16-dev@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-dev@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickwand-6-headers@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickwand-6.q16-6@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickwand-6.q16-dev@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickwand-dev@8:6.9.11.60+dfsg-1.6+deb12u5

NVD Description

Note: Versions mentioned in the description apply only to the upstream imagemagick package and not the imagemagick package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A flaw was found in ImageMagick in versions before 7.0.11, where a division by zero in sRGBTransformImage() in the MagickCore/colorspace.c may trigger undefined behavior via a crafted image file that is submitted by an attacker processed by an application using ImageMagick. The highest threat from this vulnerability is to system availability.

Remediation

There is no fixed version for Debian:12 imagemagick.

References

Divide By Zero vulnerability report

low severity

Out-of-bounds Read

  • Vulnerable module: jansson/libjansson4
  • Introduced through: jansson/libjansson4@2.14-2

Detailed paths

  • Introduced through: node@latest jansson/libjansson4@2.14-2

NVD Description

Note: Versions mentioned in the description apply only to the upstream jansson package and not the jansson package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

An issue was discovered in Jansson through 2.13.1. Due to a parsing error in json_loads, there's an out-of-bounds read-access bug. NOTE: the vendor reports that this only occurs when a programmer fails to follow the API specification

Remediation

There is no fixed version for Debian:12 jansson.

References

Out-of-bounds Read vulnerability report

low severity

Integer Overflow or Wraparound

  • Vulnerable module: krb5/krb5-multidev
  • Introduced through: krb5/krb5-multidev@1.20.1-2+deb12u4, krb5/libgssapi-krb5-2@1.20.1-2+deb12u4 and others

Detailed paths

  • Introduced through: node@latest krb5/krb5-multidev@1.20.1-2+deb12u4
  • Introduced through: node@latest krb5/libgssapi-krb5-2@1.20.1-2+deb12u4
  • Introduced through: node@latest krb5/libgssrpc4@1.20.1-2+deb12u4
  • Introduced through: node@latest krb5/libk5crypto3@1.20.1-2+deb12u4
  • Introduced through: node@latest krb5/libkadm5clnt-mit12@1.20.1-2+deb12u4
  • Introduced through: node@latest krb5/libkadm5srv-mit12@1.20.1-2+deb12u4
  • Introduced through: node@latest krb5/libkdb5-10@1.20.1-2+deb12u4
  • Introduced through: node@latest krb5/libkrb5-3@1.20.1-2+deb12u4
  • Introduced through: node@latest krb5/libkrb5-dev@1.20.1-2+deb12u4
  • Introduced through: node@latest krb5/libkrb5support0@1.20.1-2+deb12u4

NVD Description

Note: Versions mentioned in the description apply only to the upstream krb5 package and not the krb5 package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.

Remediation

There is no fixed version for Debian:12 krb5.

References

Integer Overflow or Wraparound vulnerability report

low severity

Use of a Broken or Risky Cryptographic Algorithm

  • Vulnerable module: libgcrypt20
  • Introduced through: libgcrypt20@1.10.1-3

Detailed paths

  • Introduced through: node@latest libgcrypt20@1.10.1-3

NVD Description

Note: Versions mentioned in the description apply only to the upstream libgcrypt20 package and not the libgcrypt20 package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for Libgcrypt's ElGamal implementation.

Remediation

There is no fixed version for Debian:12 libgcrypt20.

References

Use of a Broken or Risky Cryptographic Algorithm vulnerability report

low severity

Use of Uninitialized Variable

  • Vulnerable module: openexr/libopenexr-3-1-30
  • Introduced through: openexr/libopenexr-3-1-30@3.1.5-5 and openexr/libopenexr-dev@3.1.5-5

Detailed paths

  • Introduced through: node@latest openexr/libopenexr-3-1-30@3.1.5-5
  • Introduced through: node@latest openexr/libopenexr-dev@3.1.5-5

NVD Description

Note: Versions mentioned in the description apply only to the upstream openexr package and not the openexr package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.0 through 3.3.5 and 3.4.0 through 3.4.2, while fuzzing openexr_exrcheck_fuzzer, Valgrind reports a conditional branch depending on uninitialized data inside generic_unpack. This indicates a use of uninitialized memory. The issue can result in undefined behavior and/or a potential crash/denial of service. Versions 3.3.6 and 3.4.3 fix the issue.

Remediation

There is no fixed version for Debian:12 openexr.

References

Use of Uninitialized Variable vulnerability report

low severity

NULL Pointer Dereference

  • Vulnerable module: openjpeg2/libopenjp2-7
  • Introduced through: openjpeg2/libopenjp2-7@2.5.0-2+deb12u2 and openjpeg2/libopenjp2-7-dev@2.5.0-2+deb12u2

Detailed paths

  • Introduced through: node@latest openjpeg2/libopenjp2-7@2.5.0-2+deb12u2
  • Introduced through: node@latest openjpeg2/libopenjp2-7-dev@2.5.0-2+deb12u2

NVD Description

Note: Versions mentioned in the description apply only to the upstream openjpeg2 package and not the openjpeg2 package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

There is a NULL Pointer Access in function imagetopnm of convert.c:1943(jp2) of OpenJPEG 2.1.2. image->comps[compno].data is not assigned a value after initialization(NULL). Impact is Denial of Service.

Remediation

There is no fixed version for Debian:12 openjpeg2.

References

NULL Pointer Dereference vulnerability report

low severity

NULL Pointer Dereference

  • Vulnerable module: openjpeg2/libopenjp2-7
  • Introduced through: openjpeg2/libopenjp2-7@2.5.0-2+deb12u2 and openjpeg2/libopenjp2-7-dev@2.5.0-2+deb12u2

Detailed paths

  • Introduced through: node@latest openjpeg2/libopenjp2-7@2.5.0-2+deb12u2
  • Introduced through: node@latest openjpeg2/libopenjp2-7-dev@2.5.0-2+deb12u2

NVD Description

Note: Versions mentioned in the description apply only to the upstream openjpeg2 package and not the openjpeg2 package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

There is a NULL pointer dereference in function imagetobmp of convertbmp.c:980 of OpenJPEG 2.1.2. image->comps[0].data is not assigned a value after initialization(NULL). Impact is Denial of Service.

Remediation

There is no fixed version for Debian:12 openjpeg2.

References

NULL Pointer Dereference vulnerability report

low severity

Cryptographic Issues

  • Vulnerable module: openldap/libldap-2.5-0
  • Introduced through: openldap/libldap-2.5-0@2.5.13+dfsg-5

Detailed paths

  • Introduced through: node@latest openldap/libldap-2.5-0@2.5.13+dfsg-5

NVD Description

Note: Versions mentioned in the description apply only to the upstream openldap package and not the openldap package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors.

Remediation

There is no fixed version for Debian:12 openldap.

References

Cryptographic Issues vulnerability report

low severity

NULL Pointer Dereference

  • Vulnerable module: openldap/libldap-2.5-0
  • Introduced through: openldap/libldap-2.5-0@2.5.13+dfsg-5

Detailed paths

  • Introduced through: node@latest openldap/libldap-2.5-0@2.5.13+dfsg-5

NVD Description

Note: Versions mentioned in the description apply only to the upstream openldap package and not the openldap package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.

Remediation

There is no fixed version for Debian:12 openldap.

References

NULL Pointer Dereference vulnerability report

low severity

Out-of-Bounds

  • Vulnerable module: openldap/libldap-2.5-0
  • Introduced through: openldap/libldap-2.5-0@2.5.13+dfsg-5

Detailed paths

  • Introduced through: node@latest openldap/libldap-2.5-0@2.5.13+dfsg-5

NVD Description

Note: Versions mentioned in the description apply only to the upstream openldap package and not the openldap package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation.

Remediation

There is no fixed version for Debian:12 openldap.

References

Out-of-Bounds vulnerability report

low severity

Double Free

  • Vulnerable module: patch
  • Introduced through: patch@2.7.6-7

Detailed paths

  • Introduced through: node@latest patch@2.7.6-7

NVD Description

Note: Versions mentioned in the description apply only to the upstream patch package and not the patch package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6.

Remediation

There is no fixed version for Debian:12 patch.

References

Double Free vulnerability report

low severity

NULL Pointer Dereference

  • Vulnerable module: patch
  • Introduced through: patch@2.7.6-7

Detailed paths

  • Introduced through: node@latest patch@2.7.6-7

NVD Description

Note: Versions mentioned in the description apply only to the upstream patch package and not the patch package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

An issue was discovered in GNU patch through 2.7.6. There is a segmentation fault, associated with a NULL pointer dereference, leading to a denial of service in the intuit_diff_type function in pch.c, aka a "mangled rename" issue.

Remediation

There is no fixed version for Debian:12 patch.

References

NULL Pointer Dereference vulnerability report

low severity

Missing Release of Resource after Effective Lifetime

  • Vulnerable module: tiff/libtiff-dev
  • Introduced through: tiff/libtiff-dev@4.5.0-6+deb12u3, tiff/libtiff6@4.5.0-6+deb12u3 and others

Detailed paths

  • Introduced through: node@latest tiff/libtiff-dev@4.5.0-6+deb12u3
  • Introduced through: node@latest tiff/libtiff6@4.5.0-6+deb12u3
  • Introduced through: node@latest tiff/libtiffxx6@4.5.0-6+deb12u3

NVD Description

Note: Versions mentioned in the description apply only to the upstream tiff package and not the tiff package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

LibTIFF 4.0.8 has multiple memory leak vulnerabilities, which allow attackers to cause a denial of service (memory consumption), as demonstrated by tif_open.c, tif_lzw.c, and tif_aux.c. NOTE: Third parties were unable to reproduce the issue

Remediation

There is no fixed version for Debian:12 tiff.

References

Missing Release of Resource after Effective Lifetime vulnerability report

low severity

Out-of-bounds Write

  • Vulnerable module: tiff/libtiff-dev
  • Introduced through: tiff/libtiff-dev@4.5.0-6+deb12u3, tiff/libtiff6@4.5.0-6+deb12u3 and others

Detailed paths

  • Introduced through: node@latest tiff/libtiff-dev@4.5.0-6+deb12u3
  • Introduced through: node@latest tiff/libtiff6@4.5.0-6+deb12u3
  • Introduced through: node@latest tiff/libtiffxx6@4.5.0-6+deb12u3

NVD Description

Note: Versions mentioned in the description apply only to the upstream tiff package and not the tiff package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64() API. This flaw allows a remote attacker to cause a denial of service via a crafted input with a size smaller than 379 KB.

Remediation

There is no fixed version for Debian:12 tiff.

References

Out-of-bounds Write vulnerability report

low severity

OS Command Injection

  • Vulnerable module: openssh/openssh-client
  • Introduced through: openssh/openssh-client@1:9.2p1-2+deb12u7

Detailed paths

  • Introduced through: node@latest openssh/openssh-client@1:9.2p1-2+deb12u7

NVD Description

Note: Versions mentioned in the description apply only to the upstream openssh package and not the openssh package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfers" because that could "stand a great chance of breaking existing workflows."

Remediation

There is no fixed version for Debian:12 openssh.

References

OS Command Injection vulnerability report

low severity

CVE-2008-1687

  • Vulnerable module: m4
  • Introduced through: m4@1.4.19-3

Detailed paths

  • Introduced through: node@latest m4@1.4.19-3

NVD Description

Note: Versions mentioned in the description apply only to the upstream m4 package and not the m4 package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

The (1) maketemp and (2) mkstemp builtin functions in GNU m4 before 1.4.11 do not quote their output when a file is created, which might allow context-dependent attackers to trigger a macro expansion, leading to unspecified use of an incorrect filename.

Remediation

There is no fixed version for Debian:12 m4.

References

CVE-2008-1687 vulnerability report

low severity

CVE-2008-1688

  • Vulnerable module: m4
  • Introduced through: m4@1.4.19-3

Detailed paths

  • Introduced through: node@latest m4@1.4.19-3

NVD Description

Note: Versions mentioned in the description apply only to the upstream m4 package and not the m4 package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

Unspecified vulnerability in GNU m4 before 1.4.11 might allow context-dependent attackers to execute arbitrary code, related to improper handling of filenames specified with the -F option. NOTE: it is not clear when this issue crosses privilege boundaries.

Remediation

There is no fixed version for Debian:12 m4.

References

CVE-2008-1688 vulnerability report

low severity

Inappropriate Encoding for Output Context

  • Vulnerable module: openssh/openssh-client
  • Introduced through: openssh/openssh-client@1:9.2p1-2+deb12u7

Detailed paths

  • Introduced through: node@latest openssh/openssh-client@1:9.2p1-2+deb12u7

NVD Description

Note: Versions mentioned in the description apply only to the upstream openssh package and not the openssh package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.

Remediation

There is no fixed version for Debian:12 openssh.

References

Inappropriate Encoding for Output Context vulnerability report

low severity

Out-of-bounds Read

  • Vulnerable module: binutils
  • Introduced through: binutils@2.40-2, binutils/binutils-common@2.40-2 and others

Detailed paths

  • Introduced through: node@latest binutils@2.40-2
  • Introduced through: node@latest binutils/binutils-common@2.40-2
  • Introduced through: node@latest binutils/binutils-x86-64-linux-gnu@2.40-2
  • Introduced through: node@latest binutils/libbinutils@2.40-2
  • Introduced through: node@latest binutils/libctf-nobfd0@2.40-2
  • Introduced through: node@latest binutils/libctf0@2.40-2
  • Introduced through: node@latest binutils/libgprofng0@2.40-2

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A heap-based buffer over-read exists in the function d_expression_1 in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.1. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by c++filt.

Remediation

There is no fixed version for Debian:12 binutils.

References

Out-of-bounds Read vulnerability report

low severity

Out-of-bounds Write

  • Vulnerable module: binutils
  • Introduced through: binutils@2.40-2, binutils/binutils-common@2.40-2 and others

Detailed paths

  • Introduced through: node@latest binutils@2.40-2
  • Introduced through: node@latest binutils/binutils-common@2.40-2
  • Introduced through: node@latest binutils/binutils-x86-64-linux-gnu@2.40-2
  • Introduced through: node@latest binutils/libbinutils@2.40-2
  • Introduced through: node@latest binutils/libctf-nobfd0@2.40-2
  • Introduced through: node@latest binutils/libctf0@2.40-2
  • Introduced through: node@latest binutils/libgprofng0@2.40-2

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A potential heap based buffer overflow was found in _bfd_elf_slurp_version_tables() in bfd/elf.c. This may lead to loss of availability.

Remediation

There is no fixed version for Debian:12 binutils.

References

Out-of-bounds Write vulnerability report

low severity

Out-of-bounds Write

  • Vulnerable module: binutils
  • Introduced through: binutils@2.40-2, binutils/binutils-common@2.40-2 and others

Detailed paths

  • Introduced through: node@latest binutils@2.40-2
  • Introduced through: node@latest binutils/binutils-common@2.40-2
  • Introduced through: node@latest binutils/binutils-x86-64-linux-gnu@2.40-2
  • Introduced through: node@latest binutils/libbinutils@2.40-2
  • Introduced through: node@latest binutils/libctf-nobfd0@2.40-2
  • Introduced through: node@latest binutils/libctf0@2.40-2
  • Introduced through: node@latest binutils/libgprofng0@2.40-2

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.36. It is a stack-overflow issue in demangle_type in rust-demangle.c.

Remediation

There is no fixed version for Debian:12 binutils.

References

Out-of-bounds Write vulnerability report

low severity

Loop with Unreachable Exit Condition ('Infinite Loop')

  • Vulnerable module: cairo/libcairo-gobject2
  • Introduced through: cairo/libcairo-gobject2@1.16.0-7, cairo/libcairo-script-interpreter2@1.16.0-7 and others

Detailed paths

  • Introduced through: node@latest cairo/libcairo-gobject2@1.16.0-7
  • Introduced through: node@latest cairo/libcairo-script-interpreter2@1.16.0-7
  • Introduced through: node@latest cairo/libcairo2@1.16.0-7
  • Introduced through: node@latest cairo/libcairo2-dev@1.16.0-7

NVD Description

Note: Versions mentioned in the description apply only to the upstream cairo package and not the cairo package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

An issue was discovered in cairo 1.16.0. There is an infinite loop in the function _arc_error_normalized in the file cairo-arc.c, related to _arc_max_angle_for_tolerance_normalized.

Remediation

There is no fixed version for Debian:12 cairo.

References

Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability report

low severity

Out-of-bounds Write

  • Vulnerable module: cairo/libcairo-gobject2
  • Introduced through: cairo/libcairo-gobject2@1.16.0-7, cairo/libcairo-script-interpreter2@1.16.0-7 and others

Detailed paths

  • Introduced through: node@latest cairo/libcairo-gobject2@1.16.0-7
  • Introduced through: node@latest cairo/libcairo-script-interpreter2@1.16.0-7
  • Introduced through: node@latest cairo/libcairo2@1.16.0-7
  • Introduced through: node@latest cairo/libcairo2-dev@1.16.0-7

NVD Description

Note: Versions mentioned in the description apply only to the upstream cairo package and not the cairo package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

cairo through 1.15.14 has an out-of-bounds stack-memory write during processing of a crafted document by WebKitGTK+ because of the interaction between cairo-rectangular-scan-converter.c (the generate and render_rows functions) and cairo-image-compositor.c (the _cairo_image_spans_and_zero function).

Remediation

There is no fixed version for Debian:12 cairo.

References

Out-of-bounds Write vulnerability report

low severity

Reachable Assertion

  • Vulnerable module: cairo/libcairo-gobject2
  • Introduced through: cairo/libcairo-gobject2@1.16.0-7, cairo/libcairo-script-interpreter2@1.16.0-7 and others

Detailed paths

  • Introduced through: node@latest cairo/libcairo-gobject2@1.16.0-7
  • Introduced through: node@latest cairo/libcairo-script-interpreter2@1.16.0-7
  • Introduced through: node@latest cairo/libcairo2@1.16.0-7
  • Introduced through: node@latest cairo/libcairo2-dev@1.16.0-7

NVD Description

Note: Versions mentioned in the description apply only to the upstream cairo package and not the cairo package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

An issue was discovered in cairo 1.16.0. There is an assertion problem in the function _cairo_arc_in_direction in the file cairo-arc.c.

Remediation

There is no fixed version for Debian:12 cairo.

References

Reachable Assertion vulnerability report

low severity

Improper Input Validation

  • Vulnerable module: coreutils
  • Introduced through: coreutils@9.1-1

Detailed paths

  • Introduced through: node@latest coreutils@9.1-1

NVD Description

Note: Versions mentioned in the description apply only to the upstream coreutils package and not the coreutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.

Remediation

There is no fixed version for Debian:12 coreutils.

References

Improper Input Validation vulnerability report

low severity

Missing Release of Resource after Effective Lifetime

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.11.60+dfsg-1.6+deb12u5, imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.6+deb12u5 and others

Detailed paths

  • Introduced through: node@latest imagemagick@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/imagemagick-6.q16@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-6-arch-config@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-6-headers@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-6.q16-6@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-6.q16-6-extra@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-6.q16-dev@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-dev@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickwand-6-headers@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickwand-6.q16-6@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickwand-6.q16-dev@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickwand-dev@8:6.9.11.60+dfsg-1.6+deb12u5

NVD Description

Note: Versions mentioned in the description apply only to the upstream imagemagick package and not the imagemagick package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an AcquireSemaphoreInfo call.

Remediation

There is no fixed version for Debian:12 imagemagick.

References

Missing Release of Resource after Effective Lifetime vulnerability report

low severity

Missing Release of Resource after Effective Lifetime

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.11.60+dfsg-1.6+deb12u5, imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.6+deb12u5 and others

Detailed paths

  • Introduced through: node@latest imagemagick@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/imagemagick-6.q16@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-6-arch-config@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-6-headers@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-6.q16-6@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-6.q16-6-extra@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-6.q16-dev@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-dev@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickwand-6-headers@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickwand-6.q16-6@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickwand-6.q16-dev@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickwand-dev@8:6.9.11.60+dfsg-1.6+deb12u5

NVD Description

Note: Versions mentioned in the description apply only to the upstream imagemagick package and not the imagemagick package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an OpenPixelCache call.

Remediation

There is no fixed version for Debian:12 imagemagick.

References

Missing Release of Resource after Effective Lifetime vulnerability report

low severity

Resource Exhaustion

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.11.60+dfsg-1.6+deb12u5, imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.6+deb12u5 and others

Detailed paths

  • Introduced through: node@latest imagemagick@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/imagemagick-6.q16@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-6-arch-config@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-6-headers@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-6.q16-6@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-6.q16-6-extra@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-6.q16-dev@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-dev@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickwand-6-headers@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickwand-6.q16-6@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickwand-6.q16-dev@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickwand-dev@8:6.9.11.60+dfsg-1.6+deb12u5

NVD Description

Note: Versions mentioned in the description apply only to the upstream imagemagick package and not the imagemagick package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x36 0x4c 0x36 0x38 0x36 0x36 0x36 0x36 0x36 0x36 0x1f 0x35 0x50 0x00 can result in a hang of several minutes during which CPU and memory resources are consumed until ultimately an attempted large memory allocation fails. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.

Remediation

There is no fixed version for Debian:12 imagemagick.

References

Resource Exhaustion vulnerability report

low severity

Out-of-Bounds

  • Vulnerable module: jbigkit/libjbig-dev
  • Introduced through: jbigkit/libjbig-dev@2.1-6.1 and jbigkit/libjbig0@2.1-6.1

Detailed paths

  • Introduced through: node@latest jbigkit/libjbig-dev@2.1-6.1
  • Introduced through: node@latest jbigkit/libjbig0@2.1-6.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream jbigkit package and not the jbigkit package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

In LibTIFF 4.0.8, there is a memory malloc failure in tif_jbig.c. A crafted TIFF document can lead to an abort resulting in a remote denial of service attack.

Remediation

There is no fixed version for Debian:12 jbigkit.

References

Out-of-Bounds vulnerability report

low severity

CVE-2023-50495

  • Vulnerable module: ncurses/libncurses-dev
  • Introduced through: ncurses/libncurses-dev@6.4-4, ncurses/libncurses5-dev@6.4-4 and others

Detailed paths

  • Introduced through: node@latest ncurses/libncurses-dev@6.4-4
  • Introduced through: node@latest ncurses/libncurses5-dev@6.4-4
  • Introduced through: node@latest ncurses/libncurses6@6.4-4
  • Introduced through: node@latest ncurses/libncursesw5-dev@6.4-4
  • Introduced through: node@latest ncurses/libncursesw6@6.4-4
  • Introduced through: node@latest ncurses/libtinfo6@6.4-4
  • Introduced through: node@latest ncurses/ncurses-base@6.4-4
  • Introduced through: node@latest ncurses/ncurses-bin@6.4-4

NVD Description

Note: Versions mentioned in the description apply only to the upstream ncurses package and not the ncurses package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().

Remediation

There is no fixed version for Debian:12 ncurses.

References

CVE-2023-50495 vulnerability report

low severity

Allocation of Resources Without Limits or Throttling

  • Vulnerable module: openjpeg2/libopenjp2-7
  • Introduced through: openjpeg2/libopenjp2-7@2.5.0-2+deb12u2 and openjpeg2/libopenjp2-7-dev@2.5.0-2+deb12u2

Detailed paths

  • Introduced through: node@latest openjpeg2/libopenjp2-7@2.5.0-2+deb12u2
  • Introduced through: node@latest openjpeg2/libopenjp2-7-dev@2.5.0-2+deb12u2

NVD Description

Note: Versions mentioned in the description apply only to the upstream openjpeg2 package and not the openjpeg2 package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

An issue was discovered in OpenJPEG 2.3.0. It allows remote attackers to cause a denial of service (attempted excessive memory allocation) in opj_calloc in openjp2/opj_malloc.c, when called from opj_tcd_init_tile in openjp2/tcd.c, as demonstrated by the 64-bit opj_decompress.

Remediation

There is no fixed version for Debian:12 openjpeg2.

References

Allocation of Resources Without Limits or Throttling vulnerability report

low severity

NULL Pointer Dereference

  • Vulnerable module: openjpeg2/libopenjp2-7
  • Introduced through: openjpeg2/libopenjp2-7@2.5.0-2+deb12u2 and openjpeg2/libopenjp2-7-dev@2.5.0-2+deb12u2

Detailed paths

  • Introduced through: node@latest openjpeg2/libopenjp2-7@2.5.0-2+deb12u2
  • Introduced through: node@latest openjpeg2/libopenjp2-7-dev@2.5.0-2+deb12u2

NVD Description

Note: Versions mentioned in the description apply only to the upstream openjpeg2 package and not the openjpeg2 package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

NULL Pointer Access in function imagetopnm of convert.c:2226(jp2) in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.

Remediation

There is no fixed version for Debian:12 openjpeg2.

References

NULL Pointer Dereference vulnerability report

low severity

NULL Pointer Dereference

  • Vulnerable module: openjpeg2/libopenjp2-7
  • Introduced through: openjpeg2/libopenjp2-7@2.5.0-2+deb12u2 and openjpeg2/libopenjp2-7-dev@2.5.0-2+deb12u2

Detailed paths

  • Introduced through: node@latest openjpeg2/libopenjp2-7@2.5.0-2+deb12u2
  • Introduced through: node@latest openjpeg2/libopenjp2-7-dev@2.5.0-2+deb12u2

NVD Description

Note: Versions mentioned in the description apply only to the upstream openjpeg2 package and not the openjpeg2 package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

NULL pointer dereference vulnerabilities in the imagetopnm function in convert.c, sycc444_to_rgb function in color.c, color_esycc_to_rgb function in color.c, and sycc422_to_rgb function in color.c in OpenJPEG before 2.2.0 allow remote attackers to cause a denial of service (application crash) via crafted j2k files.

Remediation

There is no fixed version for Debian:12 openjpeg2.

References

NULL Pointer Dereference vulnerability report

low severity

NULL Pointer Dereference

  • Vulnerable module: openjpeg2/libopenjp2-7
  • Introduced through: openjpeg2/libopenjp2-7@2.5.0-2+deb12u2 and openjpeg2/libopenjp2-7-dev@2.5.0-2+deb12u2

Detailed paths

  • Introduced through: node@latest openjpeg2/libopenjp2-7@2.5.0-2+deb12u2
  • Introduced through: node@latest openjpeg2/libopenjp2-7-dev@2.5.0-2+deb12u2

NVD Description

Note: Versions mentioned in the description apply only to the upstream openjpeg2 package and not the openjpeg2 package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

NULL Pointer Access in function imagetopnm of convert.c(jp2):1289 in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.

Remediation

There is no fixed version for Debian:12 openjpeg2.

References

NULL Pointer Dereference vulnerability report

low severity

Out-of-Bounds

  • Vulnerable module: openjpeg2/libopenjp2-7
  • Introduced through: openjpeg2/libopenjp2-7@2.5.0-2+deb12u2 and openjpeg2/libopenjp2-7-dev@2.5.0-2+deb12u2

Detailed paths

  • Introduced through: node@latest openjpeg2/libopenjp2-7@2.5.0-2+deb12u2
  • Introduced through: node@latest openjpeg2/libopenjp2-7-dev@2.5.0-2+deb12u2

NVD Description

Note: Versions mentioned in the description apply only to the upstream openjpeg2 package and not the openjpeg2 package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

Heap Buffer Over-read in function imagetotga of convert.c(jp2):942 in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.

Remediation

There is no fixed version for Debian:12 openjpeg2.

References

Out-of-Bounds vulnerability report

low severity

Divide By Zero

  • Vulnerable module: pixman/libpixman-1-0
  • Introduced through: pixman/libpixman-1-0@0.42.2-1 and pixman/libpixman-1-dev@0.42.2-1

Detailed paths

  • Introduced through: node@latest pixman/libpixman-1-0@0.42.2-1
  • Introduced through: node@latest pixman/libpixman-1-dev@0.42.2-1

NVD Description

Note: Versions mentioned in the description apply only to the upstream pixman package and not the pixman package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

stress-test master commit e4c878 was discovered to contain a FPE vulnerability via the component combine_inner at /pixman-combine-float.c.

Remediation

There is no fixed version for Debian:12 pixman.

References

Divide By Zero vulnerability report

low severity

Improper Resource Shutdown or Release

  • Vulnerable module: tiff/libtiff-dev
  • Introduced through: tiff/libtiff-dev@4.5.0-6+deb12u3, tiff/libtiff6@4.5.0-6+deb12u3 and others

Detailed paths

  • Introduced through: node@latest tiff/libtiff-dev@4.5.0-6+deb12u3
  • Introduced through: node@latest tiff/libtiff6@4.5.0-6+deb12u3
  • Introduced through: node@latest tiff/libtiffxx6@4.5.0-6+deb12u3

NVD Description

Note: Versions mentioned in the description apply only to the upstream tiff package and not the tiff package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A vulnerability classified as problematic was found in LibTIFF 4.3.0. Affected by this vulnerability is the TIFF File Handler of tiff2ps. Opening a malicious file leads to a denial of service. The attack can be launched remotely but requires user interaction. The exploit has been disclosed to the public and may be used.

Remediation

There is no fixed version for Debian:12 tiff.

References

Improper Resource Shutdown or Release vulnerability report

low severity

NULL Pointer Dereference

  • Vulnerable module: tiff/libtiff-dev
  • Introduced through: tiff/libtiff-dev@4.5.0-6+deb12u3, tiff/libtiff6@4.5.0-6+deb12u3 and others

Detailed paths

  • Introduced through: node@latest tiff/libtiff-dev@4.5.0-6+deb12u3
  • Introduced through: node@latest tiff/libtiff6@4.5.0-6+deb12u3
  • Introduced through: node@latest tiff/libtiffxx6@4.5.0-6+deb12u3

NVD Description

Note: Versions mentioned in the description apply only to the upstream tiff package and not the tiff package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

ijg-libjpeg before 9d, as used in tiff2pdf (from LibTIFF) and other products, does not check for a NULL pointer at a certain place in jpeg_fdct_16x16 in jfdctint.c.

Remediation

There is no fixed version for Debian:12 tiff.

References

NULL Pointer Dereference vulnerability report

low severity

Resource Exhaustion

  • Vulnerable module: tiff/libtiff-dev
  • Introduced through: tiff/libtiff-dev@4.5.0-6+deb12u3, tiff/libtiff6@4.5.0-6+deb12u3 and others

Detailed paths

  • Introduced through: node@latest tiff/libtiff-dev@4.5.0-6+deb12u3
  • Introduced through: node@latest tiff/libtiff6@4.5.0-6+deb12u3
  • Introduced through: node@latest tiff/libtiffxx6@4.5.0-6+deb12u3

NVD Description

Note: Versions mentioned in the description apply only to the upstream tiff package and not the tiff package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

An out-of-memory flaw was found in libtiff. Passing a crafted tiff file to TIFFOpen() API may allow a remote attacker to cause a denial of service via a craft input with size smaller than 379 KB.

Remediation

There is no fixed version for Debian:12 tiff.

References

Resource Exhaustion vulnerability report

low severity

Numeric Errors

  • Vulnerable module: libwmf/libwmf-0.2-7
  • Introduced through: libwmf/libwmf-0.2-7@0.2.12-5.1, libwmf/libwmf-dev@0.2.12-5.1 and others

Detailed paths

  • Introduced through: node@latest libwmf/libwmf-0.2-7@0.2.12-5.1
  • Introduced through: node@latest libwmf/libwmf-dev@0.2.12-5.1
  • Introduced through: node@latest libwmf/libwmflite-0.2-7@0.2.12-5.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream libwmf package and not the libwmf package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

Multiple integer overflows in libgd in PHP before 5.2.4 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large (1) srcW or (2) srcH value to the (a) gdImageCopyResized function, or a large (3) sy (height) or (4) sx (width) value to the (b) gdImageCreate or the (c) gdImageCreateTrueColor function.

Remediation

There is no fixed version for Debian:12 libwmf.

References

Numeric Errors vulnerability report

low severity

Access Restriction Bypass

  • Vulnerable module: openssh/openssh-client
  • Introduced through: openssh/openssh-client@1:9.2p1-2+deb12u7

Detailed paths

  • Introduced through: node@latest openssh/openssh-client@1:9.2p1-2+deb12u7

NVD Description

Note: Versions mentioned in the description apply only to the upstream openssh package and not the openssh package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

sshd in OpenSSH 4 on Debian GNU/Linux, and the 20070303 OpenSSH snapshot, allows remote authenticated users to obtain access to arbitrary SELinux roles by appending a :/ (colon slash) sequence, followed by the role name, to the username.

Remediation

There is no fixed version for Debian:12 openssh.

References

Access Restriction Bypass vulnerability report

low severity

Access Restriction Bypass

  • Vulnerable module: shadow/login
  • Introduced through: shadow/login@1:4.13+dfsg1-1+deb12u2 and shadow/passwd@1:4.13+dfsg1-1+deb12u2

Detailed paths

  • Introduced through: node@latest shadow/login@1:4.13+dfsg1-1+deb12u2
  • Introduced through: node@latest shadow/passwd@1:4.13+dfsg1-1+deb12u2

NVD Description

Note: Versions mentioned in the description apply only to the upstream shadow package and not the shadow package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.

Remediation

There is no fixed version for Debian:12 shadow.

References

Access Restriction Bypass vulnerability report

low severity

Out-of-bounds Read

  • Vulnerable module: tiff/libtiff-dev
  • Introduced through: tiff/libtiff-dev@4.5.0-6+deb12u3, tiff/libtiff6@4.5.0-6+deb12u3 and others

Detailed paths

  • Introduced through: node@latest tiff/libtiff-dev@4.5.0-6+deb12u3
  • Introduced through: node@latest tiff/libtiff6@4.5.0-6+deb12u3
  • Introduced through: node@latest tiff/libtiffxx6@4.5.0-6+deb12u3

NVD Description

Note: Versions mentioned in the description apply only to the upstream tiff package and not the tiff package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds read in the extractImageSection function in tools/tiffcrop.c, resulting in a denial of service and limited information disclosure. This issue affects libtiff versions 4.x.

Remediation

There is no fixed version for Debian:12 tiff.

References

Out-of-bounds Read vulnerability report

low severity

Out-of-bounds Read

  • Vulnerable module: util-linux
  • Introduced through: util-linux@2.38.1-5+deb12u3, util-linux/bsdutils@1:2.38.1-5+deb12u3 and others

Detailed paths

  • Introduced through: node@latest util-linux@2.38.1-5+deb12u3
  • Introduced through: node@latest util-linux/bsdutils@1:2.38.1-5+deb12u3
  • Introduced through: node@latest util-linux/libblkid-dev@2.38.1-5+deb12u3
  • Introduced through: node@latest util-linux/libblkid1@2.38.1-5+deb12u3
  • Introduced through: node@latest util-linux/libmount-dev@2.38.1-5+deb12u3
  • Introduced through: node@latest util-linux/libmount1@2.38.1-5+deb12u3
  • Introduced through: node@latest util-linux/libsmartcols1@2.38.1-5+deb12u3
  • Introduced through: node@latest util-linux/libuuid1@2.38.1-5+deb12u3
  • Introduced through: node@latest util-linux/mount@2.38.1-5+deb12u3
  • Introduced through: node@latest util-linux/util-linux-extra@2.38.1-5+deb12u3
  • Introduced through: node@latest util-linux/uuid-dev@2.38.1-5+deb12u3

NVD Description

Note: Versions mentioned in the description apply only to the upstream util-linux package and not the util-linux package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the setpwnam() function, affecting SUID (Set User ID) login-utils utilities writing to the password database.

Remediation

There is no fixed version for Debian:12 util-linux.

References

Out-of-bounds Read vulnerability report

low severity

Open Redirect

  • Vulnerable module: wget
  • Introduced through: wget@1.21.3-1+deb12u1

Detailed paths

  • Introduced through: node@latest wget@1.21.3-1+deb12u1

NVD Description

Note: Versions mentioned in the description apply only to the upstream wget package and not the wget package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

GNU Wget through 1.21.1 does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-2018-1000007.

Remediation

There is no fixed version for Debian:12 wget.

References

Open Redirect vulnerability report

low severity

Out-of-Bounds

  • Vulnerable module: binutils
  • Introduced through: binutils@2.40-2, binutils/binutils-common@2.40-2 and others

Detailed paths

  • Introduced through: node@latest binutils@2.40-2
  • Introduced through: node@latest binutils/binutils-common@2.40-2
  • Introduced through: node@latest binutils/binutils-x86-64-linux-gnu@2.40-2
  • Introduced through: node@latest binutils/libbinutils@2.40-2
  • Introduced through: node@latest binutils/libctf-nobfd0@2.40-2
  • Introduced through: node@latest binutils/libctf0@2.40-2
  • Introduced through: node@latest binutils/libgprofng0@2.40-2

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A vulnerability classified as problematic was found in GNU Binutils 2.43/2.44. Affected by this vulnerability is the function bfd_set_format of the file format.c. The manipulation leads to memory corruption. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. Upgrading to version 2.45 is able to address this issue. The identifier of the patch is 8d97c1a53f3dc9fd8e1ccdb039b8a33d50133150. It is recommended to upgrade the affected component.

Remediation

There is no fixed version for Debian:12 binutils.

References

Out-of-Bounds vulnerability report

low severity

Race Condition

  • Vulnerable module: dav1d/libdav1d6
  • Introduced through: dav1d/libdav1d6@1.0.0-2+deb12u1

Detailed paths

  • Introduced through: node@latest dav1d/libdav1d6@1.0.0-2+deb12u1

NVD Description

Note: Versions mentioned in the description apply only to the upstream dav1d package and not the dav1d package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

VideoLAN dav1d before 1.2.0 has a thread_task.c race condition that can lead to an application crash, related to dav1d_decode_frame_exit.

Remediation

There is no fixed version for Debian:12 dav1d.

References

Race Condition vulnerability report

low severity

Information Exposure

  • Vulnerable module: openssh/openssh-client
  • Introduced through: openssh/openssh-client@1:9.2p1-2+deb12u7

Detailed paths

  • Introduced through: node@latest openssh/openssh-client@1:9.2p1-2+deb12u7

NVD Description

Note: Versions mentioned in the description apply only to the upstream openssh package and not the openssh package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.

Remediation

There is no fixed version for Debian:12 openssh.

References

Information Exposure vulnerability report

low severity

Out-of-Bounds

  • Vulnerable module: binutils
  • Introduced through: binutils@2.40-2, binutils/binutils-common@2.40-2 and others

Detailed paths

  • Introduced through: node@latest binutils@2.40-2
  • Introduced through: node@latest binutils/binutils-common@2.40-2
  • Introduced through: node@latest binutils/binutils-x86-64-linux-gnu@2.40-2
  • Introduced through: node@latest binutils/libbinutils@2.40-2
  • Introduced through: node@latest binutils/libctf-nobfd0@2.40-2
  • Introduced through: node@latest binutils/libctf0@2.40-2
  • Introduced through: node@latest binutils/libgprofng0@2.40-2

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A vulnerability was found in GNU Binutils 2.43. It has been declared as problematic. Affected by this vulnerability is the function bfd_putl64 of the file libbfd.c of the component ld. The manipulation leads to memory corruption. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The identifier of the patch is 75086e9de1707281172cc77f178e7949a4414ed0. It is recommended to apply a patch to fix this issue.

Remediation

There is no fixed version for Debian:12 binutils.

References

Out-of-Bounds vulnerability report

low severity

Allocation of Resources Without Limits or Throttling

  • Vulnerable module: binutils
  • Introduced through: binutils@2.40-2, binutils/binutils-common@2.40-2 and others

Detailed paths

  • Introduced through: node@latest binutils@2.40-2
  • Introduced through: node@latest binutils/binutils-common@2.40-2
  • Introduced through: node@latest binutils/binutils-x86-64-linux-gnu@2.40-2
  • Introduced through: node@latest binutils/libbinutils@2.40-2
  • Introduced through: node@latest binutils/libctf-nobfd0@2.40-2
  • Introduced through: node@latest binutils/libctf0@2.40-2
  • Introduced through: node@latest binutils/libgprofng0@2.40-2

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted file, as demonstrated by a call from the Binary File Descriptor (BFD) library (aka libbfd).

Remediation

There is no fixed version for Debian:12 binutils.

References

Allocation of Resources Without Limits or Throttling vulnerability report

low severity

Improper Resource Shutdown or Release

  • Vulnerable module: binutils
  • Introduced through: binutils@2.40-2, binutils/binutils-common@2.40-2 and others

Detailed paths

  • Introduced through: node@latest binutils@2.40-2
  • Introduced through: node@latest binutils/binutils-common@2.40-2
  • Introduced through: node@latest binutils/binutils-x86-64-linux-gnu@2.40-2
  • Introduced through: node@latest binutils/libbinutils@2.40-2
  • Introduced through: node@latest binutils/libctf-nobfd0@2.40-2
  • Introduced through: node@latest binutils/libctf0@2.40-2
  • Introduced through: node@latest binutils/libgprofng0@2.40-2

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A vulnerability has been found in GNU Binutils 2.44 and classified as problematic. This vulnerability affects the function bfd_elf_get_str_section of the file bfd/elf.c of the component BFD Library. The manipulation leads to null pointer dereference. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The name of the patch is db856d41004301b3a56438efd957ef5cabb91530. It is recommended to apply a patch to fix this issue.

Remediation

There is no fixed version for Debian:12 binutils.

References

Improper Resource Shutdown or Release vulnerability report

low severity

Memory Leak

  • Vulnerable module: binutils
  • Introduced through: binutils@2.40-2, binutils/binutils-common@2.40-2 and others

Detailed paths

  • Introduced through: node@latest binutils@2.40-2
  • Introduced through: node@latest binutils/binutils-common@2.40-2
  • Introduced through: node@latest binutils/binutils-x86-64-linux-gnu@2.40-2
  • Introduced through: node@latest binutils/libbinutils@2.40-2
  • Introduced through: node@latest binutils/libctf-nobfd0@2.40-2
  • Introduced through: node@latest binutils/libctf0@2.40-2
  • Introduced through: node@latest binutils/libgprofng0@2.40-2

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A vulnerability has been found in GNU Binutils 2.43/2.44 and classified as problematic. Affected by this vulnerability is the function display_info of the file binutils/bucomm.c of the component objdump. The manipulation leads to memory leak. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The patch is named ba6ad3a18cb26b79e0e3b84c39f707535bbc344d. It is recommended to apply a patch to fix this issue.

Remediation

There is no fixed version for Debian:12 binutils.

References

Memory Leak vulnerability report

low severity

Out-of-Bounds

  • Vulnerable module: binutils
  • Introduced through: binutils@2.40-2, binutils/binutils-common@2.40-2 and others

Detailed paths

  • Introduced through: node@latest binutils@2.40-2
  • Introduced through: node@latest binutils/binutils-common@2.40-2
  • Introduced through: node@latest binutils/binutils-x86-64-linux-gnu@2.40-2
  • Introduced through: node@latest binutils/libbinutils@2.40-2
  • Introduced through: node@latest binutils/libctf-nobfd0@2.40-2
  • Introduced through: node@latest binutils/libctf0@2.40-2
  • Introduced through: node@latest binutils/libgprofng0@2.40-2

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A vulnerability was detected in GNU Binutils 2.45. This issue affects the function dump_dwarf_section of the file binutils/objdump.c. Performing manipulation results in out-of-bounds read. The attack is only possible with local access. The exploit is now public and may be used. The patch is named f87a66db645caf8cc0e6fc87b0c28c78a38af59b. It is suggested to install a patch to address this issue.

Remediation

There is no fixed version for Debian:12 binutils.

References

Out-of-Bounds vulnerability report

low severity

Out-of-Bounds

  • Vulnerable module: binutils
  • Introduced through: binutils@2.40-2, binutils/binutils-common@2.40-2 and others

Detailed paths

  • Introduced through: node@latest binutils@2.40-2
  • Introduced through: node@latest binutils/binutils-common@2.40-2
  • Introduced through: node@latest binutils/binutils-x86-64-linux-gnu@2.40-2
  • Introduced through: node@latest binutils/libbinutils@2.40-2
  • Introduced through: node@latest binutils/libctf-nobfd0@2.40-2
  • Introduced through: node@latest binutils/libctf0@2.40-2
  • Introduced through: node@latest binutils/libgprofng0@2.40-2

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A vulnerability was determined in GNU Binutils 2.45. The affected element is the function elf_x86_64_relocate_section of the file elf64-x86-64.c of the component Linker. This manipulation causes heap-based buffer overflow. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. Patch name: 6b21c8b2ecfef5c95142cbc2c32f185cb1c26ab0. To fix this issue, it is recommended to deploy a patch.

Remediation

There is no fixed version for Debian:12 binutils.

References

Out-of-Bounds vulnerability report

low severity

Out-of-Bounds

  • Vulnerable module: binutils
  • Introduced through: binutils@2.40-2, binutils/binutils-common@2.40-2 and others

Detailed paths

  • Introduced through: node@latest binutils@2.40-2
  • Introduced through: node@latest binutils/binutils-common@2.40-2
  • Introduced through: node@latest binutils/binutils-x86-64-linux-gnu@2.40-2
  • Introduced through: node@latest binutils/libbinutils@2.40-2
  • Introduced through: node@latest binutils/libctf-nobfd0@2.40-2
  • Introduced through: node@latest binutils/libctf0@2.40-2
  • Introduced through: node@latest binutils/libgprofng0@2.40-2

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A vulnerability was found in GNU Binutils 2.45. Impacted is the function _bfd_x86_elf_late_size_sections of the file bfd/elfxx-x86.c of the component Linker. The manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has been made public and could be used. The patch is identified as b6ac5a8a5b82f0ae6a4642c8d7149b325f4cc60a. A patch should be applied to remediate this issue.

Remediation

There is no fixed version for Debian:12 binutils.

References

Out-of-Bounds vulnerability report

low severity

Out-of-Bounds

  • Vulnerable module: binutils
  • Introduced through: binutils@2.40-2, binutils/binutils-common@2.40-2 and others

Detailed paths

  • Introduced through: node@latest binutils@2.40-2
  • Introduced through: node@latest binutils/binutils-common@2.40-2
  • Introduced through: node@latest binutils/binutils-x86-64-linux-gnu@2.40-2
  • Introduced through: node@latest binutils/libbinutils@2.40-2
  • Introduced through: node@latest binutils/libctf-nobfd0@2.40-2
  • Introduced through: node@latest binutils/libctf0@2.40-2
  • Introduced through: node@latest binutils/libgprofng0@2.40-2

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A weakness has been identified in GNU Binutils 2.45. The affected element is the function vfinfo of the file ldmisc.c. Executing manipulation can lead to out-of-bounds read. The attack can only be executed locally. The exploit has been made available to the public and could be exploited. This patch is called 16357. It is best practice to apply a patch to resolve this issue.

Remediation

There is no fixed version for Debian:12 binutils.

References

Out-of-Bounds vulnerability report

low severity

Out-of-bounds Read

  • Vulnerable module: binutils
  • Introduced through: binutils@2.40-2, binutils/binutils-common@2.40-2 and others

Detailed paths

  • Introduced through: node@latest binutils@2.40-2
  • Introduced through: node@latest binutils/binutils-common@2.40-2
  • Introduced through: node@latest binutils/binutils-x86-64-linux-gnu@2.40-2
  • Introduced through: node@latest binutils/libbinutils@2.40-2
  • Introduced through: node@latest binutils/libctf-nobfd0@2.40-2
  • Introduced through: node@latest binutils/libctf0@2.40-2
  • Introduced through: node@latest binutils/libgprofng0@2.40-2

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A vulnerability was found in GNU Binutils 2.45. Affected is the function elf_link_add_object_symbols of the file bfd/elflink.c of the component Linker. The manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has been made public and could be used. Upgrading to version 2.46 is able to address this issue. The patch is identified as 72efdf166aa0ed72ecc69fc2349af6591a7a19c0. Upgrading the affected component is advised.

Remediation

There is no fixed version for Debian:12 binutils.

References

Out-of-bounds Read vulnerability report

low severity

Out-of-bounds Read

  • Vulnerable module: binutils
  • Introduced through: binutils@2.40-2, binutils/binutils-common@2.40-2 and others

Detailed paths

  • Introduced through: node@latest binutils@2.40-2
  • Introduced through: node@latest binutils/binutils-common@2.40-2
  • Introduced through: node@latest binutils/binutils-x86-64-linux-gnu@2.40-2
  • Introduced through: node@latest binutils/libbinutils@2.40-2
  • Introduced through: node@latest binutils/libctf-nobfd0@2.40-2
  • Introduced through: node@latest binutils/libctf0@2.40-2
  • Introduced through: node@latest binutils/libgprofng0@2.40-2

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A vulnerability was determined in GNU Binutils 2.45. Affected by this vulnerability is the function get_link_hash_entry of the file bfd/elflink.c of the component Linker. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. Upgrading to version 2.46 addresses this issue. Patch name: aeaaa9af6359c8e394ce9cf24911fec4f4d23703. It is advisable to upgrade the affected component.

Remediation

There is no fixed version for Debian:12 binutils.

References

Out-of-bounds Read vulnerability report

low severity

Out-of-bounds Read

  • Vulnerable module: binutils
  • Introduced through: binutils@2.40-2, binutils/binutils-common@2.40-2 and others

Detailed paths

  • Introduced through: node@latest binutils@2.40-2
  • Introduced through: node@latest binutils/binutils-common@2.40-2
  • Introduced through: node@latest binutils/binutils-x86-64-linux-gnu@2.40-2
  • Introduced through: node@latest binutils/libbinutils@2.40-2
  • Introduced through: node@latest binutils/libctf-nobfd0@2.40-2
  • Introduced through: node@latest binutils/libctf0@2.40-2
  • Introduced through: node@latest binutils/libgprofng0@2.40-2

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A vulnerability has been found in GNU Binutils 2.45. This impacts the function bfd_elf_gc_record_vtentry of the file bfd/elflink.c of the component Linker. The manipulation leads to out-of-bounds read. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier of the patch is 047435dd988a3975d40c6626a8f739a0b2e154bc. To fix this issue, it is recommended to deploy a patch.

Remediation

There is no fixed version for Debian:12 binutils.

References

Out-of-bounds Read vulnerability report

low severity

Out-of-bounds Write

  • Vulnerable module: binutils
  • Introduced through: binutils@2.40-2, binutils/binutils-common@2.40-2 and others

Detailed paths

  • Introduced through: node@latest binutils@2.40-2
  • Introduced through: node@latest binutils/binutils-common@2.40-2
  • Introduced through: node@latest binutils/binutils-x86-64-linux-gnu@2.40-2
  • Introduced through: node@latest binutils/libbinutils@2.40-2
  • Introduced through: node@latest binutils/libctf-nobfd0@2.40-2
  • Introduced through: node@latest binutils/libctf0@2.40-2
  • Introduced through: node@latest binutils/libgprofng0@2.40-2

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, contains an integer overflow vulnerability (for "Create an array for saving the template argument values") that can trigger a heap-based buffer overflow, as demonstrated by nm.

Remediation

There is no fixed version for Debian:12 binutils.

References

Out-of-bounds Write vulnerability report

low severity

Unchecked Return Value

  • Vulnerable module: binutils
  • Introduced through: binutils@2.40-2, binutils/binutils-common@2.40-2 and others

Detailed paths

  • Introduced through: node@latest binutils@2.40-2
  • Introduced through: node@latest binutils/binutils-common@2.40-2
  • Introduced through: node@latest binutils/binutils-x86-64-linux-gnu@2.40-2
  • Introduced through: node@latest binutils/libbinutils@2.40-2
  • Introduced through: node@latest binutils/libctf-nobfd0@2.40-2
  • Introduced through: node@latest binutils/libctf0@2.40-2
  • Introduced through: node@latest binutils/libgprofng0@2.40-2

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A security flaw has been discovered in GNU Binutils 2.45. Impacted is the function tg_tag_type of the file prdbg.c. Performing manipulation results in unchecked return value. The attack needs to be approached locally. The exploit has been released to the public and may be exploited.

Remediation

There is no fixed version for Debian:12 binutils.

References

Unchecked Return Value vulnerability report

low severity

Uncontrolled Recursion

  • Vulnerable module: binutils
  • Introduced through: binutils@2.40-2, binutils/binutils-common@2.40-2 and others

Detailed paths

  • Introduced through: node@latest binutils@2.40-2
  • Introduced through: node@latest binutils/binutils-common@2.40-2
  • Introduced through: node@latest binutils/binutils-x86-64-linux-gnu@2.40-2
  • Introduced through: node@latest binutils/libbinutils@2.40-2
  • Introduced through: node@latest binutils/libctf-nobfd0@2.40-2
  • Introduced through: node@latest binutils/libctf0@2.40-2
  • Introduced through: node@latest binutils/libgprofng0@2.40-2

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_template_value_parm, demangle_integral_value, and demangle_expression.

Remediation

There is no fixed version for Debian:12 binutils.

References

Uncontrolled Recursion vulnerability report

low severity

NULL Pointer Dereference

  • Vulnerable module: cairo/libcairo-gobject2
  • Introduced through: cairo/libcairo-gobject2@1.16.0-7, cairo/libcairo-script-interpreter2@1.16.0-7 and others

Detailed paths

  • Introduced through: node@latest cairo/libcairo-gobject2@1.16.0-7
  • Introduced through: node@latest cairo/libcairo-script-interpreter2@1.16.0-7
  • Introduced through: node@latest cairo/libcairo2@1.16.0-7
  • Introduced through: node@latest cairo/libcairo2-dev@1.16.0-7

NVD Description

Note: Versions mentioned in the description apply only to the upstream cairo package and not the cairo package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

Cairo version 1.15.4 is vulnerable to a NULL pointer dereference related to the FT_Load_Glyph and FT_Render_Glyph resulting in an application crash.

Remediation

There is no fixed version for Debian:12 cairo.

References

NULL Pointer Dereference vulnerability report

low severity

Improper Resource Shutdown or Release

  • Vulnerable module: elfutils/libelf1
  • Introduced through: elfutils/libelf1@0.188-2.1

Detailed paths

  • Introduced through: node@latest elfutils/libelf1@0.188-2.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream elfutils package and not the elfutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A vulnerability, which was classified as problematic, has been found in GNU elfutils 0.192. This issue affects the function gelf_getsymshndx of the file strip.c of the component eu-strip. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of the patch is fbf1df9ca286de3323ae541973b08449f8d03aba. It is recommended to apply a patch to fix this issue.

Remediation

There is no fixed version for Debian:12 elfutils.

References

Improper Resource Shutdown or Release vulnerability report

low severity

NULL Pointer Dereference

  • Vulnerable module: elfutils/libelf1
  • Introduced through: elfutils/libelf1@0.188-2.1

Detailed paths

  • Introduced through: node@latest elfutils/libelf1@0.188-2.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream elfutils package and not the elfutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A vulnerability has been found in GNU elfutils 0.192 and classified as problematic. This vulnerability affects the function handle_dynamic_symtab of the file readelf.c of the component eu-read. The manipulation leads to null pointer dereference. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The patch is identified as b38e562a4c907e08171c76b8b2def8464d5a104a. It is recommended to apply a patch to fix this issue.

Remediation

There is no fixed version for Debian:12 elfutils.

References

NULL Pointer Dereference vulnerability report

low severity

Algorithmic Complexity

  • Vulnerable module: expat/libexpat1
  • Introduced through: expat/libexpat1@2.5.0-1+deb12u2 and expat/libexpat1-dev@2.5.0-1+deb12u2

Detailed paths

  • Introduced through: node@latest expat/libexpat1@2.5.0-1+deb12u2
  • Introduced through: node@latest expat/libexpat1-dev@2.5.0-1+deb12u2

NVD Description

Note: Versions mentioned in the description apply only to the upstream expat package and not the expat package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

In libexpat through 2.7.3, a crafted file with an approximate size of 2 MiB can lead to dozens of seconds of processing time.

Remediation

There is no fixed version for Debian:12 expat.

References

Algorithmic Complexity vulnerability report

low severity

Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')

  • Vulnerable module: expat/libexpat1
  • Introduced through: expat/libexpat1@2.5.0-1+deb12u2 and expat/libexpat1-dev@2.5.0-1+deb12u2

Detailed paths

  • Introduced through: node@latest expat/libexpat1@2.5.0-1+deb12u2
  • Introduced through: node@latest expat/libexpat1-dev@2.5.0-1+deb12u2

NVD Description

Note: Versions mentioned in the description apply only to the upstream expat package and not the expat package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at compile time.

Remediation

There is no fixed version for Debian:12 expat.

References

Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') vulnerability report

low severity

Uncontrolled Recursion

  • Vulnerable module: gcc-12
  • Introduced through: gcc-12@12.2.0-14+deb12u1, gcc-12/cpp-12@12.2.0-14+deb12u1 and others

Detailed paths

  • Introduced through: node@latest gcc-12@12.2.0-14+deb12u1
  • Introduced through: node@latest gcc-12/cpp-12@12.2.0-14+deb12u1
  • Introduced through: node@latest gcc-12/g++-12@12.2.0-14+deb12u1
  • Introduced through: node@latest gcc-12/gcc-12-base@12.2.0-14+deb12u1
  • Introduced through: node@latest gcc-12/libasan8@12.2.0-14+deb12u1
  • Introduced through: node@latest gcc-12/libatomic1@12.2.0-14+deb12u1
  • Introduced through: node@latest gcc-12/libcc1-0@12.2.0-14+deb12u1
  • Introduced through: node@latest gcc-12/libgcc-12-dev@12.2.0-14+deb12u1
  • Introduced through: node@latest gcc-12/libgcc-s1@12.2.0-14+deb12u1
  • Introduced through: node@latest gcc-12/libgomp1@12.2.0-14+deb12u1
  • Introduced through: node@latest gcc-12/libitm1@12.2.0-14+deb12u1
  • Introduced through: node@latest gcc-12/liblsan0@12.2.0-14+deb12u1
  • Introduced through: node@latest gcc-12/libquadmath0@12.2.0-14+deb12u1
  • Introduced through: node@latest gcc-12/libstdc++-12-dev@12.2.0-14+deb12u1
  • Introduced through: node@latest gcc-12/libstdc++6@12.2.0-14+deb12u1
  • Introduced through: node@latest gcc-12/libtsan2@12.2.0-14+deb12u1
  • Introduced through: node@latest gcc-12/libubsan1@12.2.0-14+deb12u1

NVD Description

Note: Versions mentioned in the description apply only to the upstream gcc-12 package and not the gcc-12 package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new.

Remediation

There is no fixed version for Debian:12 gcc-12.

References

Uncontrolled Recursion vulnerability report

low severity

CVE-2005-0406

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.11.60+dfsg-1.6+deb12u5, imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.6+deb12u5 and others

Detailed paths

  • Introduced through: node@latest imagemagick@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/imagemagick-6.q16@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-6-arch-config@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-6-headers@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-6.q16-6@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-6.q16-6-extra@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-6.q16-dev@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-dev@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickwand-6-headers@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickwand-6.q16-6@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickwand-6.q16-dev@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickwand-dev@8:6.9.11.60+dfsg-1.6+deb12u5

NVD Description

Note: Versions mentioned in the description apply only to the upstream imagemagick package and not the imagemagick package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A design flaw in image processing software that modifies JPEG images might not modify the original EXIF thumbnail, which could lead to an information leak of potentially sensitive visual information that had been removed from the main JPEG image.

Remediation

There is no fixed version for Debian:12 imagemagick.

References

CVE-2005-0406 vulnerability report

low severity

Out-of-Bounds

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.11.60+dfsg-1.6+deb12u5, imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.6+deb12u5 and others

Detailed paths

  • Introduced through: node@latest imagemagick@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/imagemagick-6.q16@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-6-arch-config@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-6-headers@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-6.q16-6@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-6.q16-6-extra@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-6.q16-dev@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-dev@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickwand-6-headers@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickwand-6.q16-6@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickwand-6.q16-dev@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickwand-dev@8:6.9.11.60+dfsg-1.6+deb12u5

NVD Description

Note: Versions mentioned in the description apply only to the upstream imagemagick package and not the imagemagick package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allows remote attackers to cause a denial of service (attempted large memory allocation and application crash) via a crafted file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862 and CVE-2016-8866.

Remediation

There is no fixed version for Debian:12 imagemagick.

References

Out-of-Bounds vulnerability report

low severity

Out-of-bounds Read

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.11.60+dfsg-1.6+deb12u5, imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.6+deb12u5 and others

Detailed paths

  • Introduced through: node@latest imagemagick@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/imagemagick-6.q16@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-6-arch-config@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-6-headers@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-6.q16-6@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-6.q16-6-extra@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-6.q16-dev@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-dev@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickwand-6-headers@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickwand-6.q16-6@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickwand-6.q16-dev@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickwand-dev@8:6.9.11.60+dfsg-1.6+deb12u5

NVD Description

Note: Versions mentioned in the description apply only to the upstream imagemagick package and not the imagemagick package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

The IsPixelMonochrome function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.0 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted file. NOTE: the vendor says "This is a Q64 issue and we do not support Q64."

Remediation

There is no fixed version for Debian:12 imagemagick.

References

Out-of-bounds Read vulnerability report

low severity

Buffer Overflow

  • Vulnerable module: libpng1.6/libpng-dev
  • Introduced through: libpng1.6/libpng-dev@1.6.39-2+deb12u1 and libpng1.6/libpng16-16@1.6.39-2+deb12u1

Detailed paths

  • Introduced through: node@latest libpng1.6/libpng-dev@1.6.39-2+deb12u1
  • Introduced through: node@latest libpng1.6/libpng16-16@1.6.39-2+deb12u1

NVD Description

Note: Versions mentioned in the description apply only to the upstream libpng1.6 package and not the libpng1.6 package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A heap overflow flaw was found in libpngs' pngimage.c program. This flaw allows an attacker with local network access to pass a specially crafted PNG file to the pngimage utility, causing an application to crash, leading to a denial of service.

Remediation

There is no fixed version for Debian:12 libpng1.6.

References

Buffer Overflow vulnerability report

low severity

Expired Pointer Dereference

  • Vulnerable module: libxslt/libxslt1-dev
  • Introduced through: libxslt/libxslt1-dev@1.1.35-1+deb12u3 and libxslt/libxslt1.1@1.1.35-1+deb12u3

Detailed paths

  • Introduced through: node@latest libxslt/libxslt1-dev@1.1.35-1+deb12u3
  • Introduced through: node@latest libxslt/libxslt1.1@1.1.35-1+deb12u3

NVD Description

Note: Versions mentioned in the description apply only to the upstream libxslt package and not the libxslt package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A use-after-free vulnerability was found in libxslt while parsing xsl nodes that may lead to the dereference of expired pointers and application crash.

Remediation

There is no fixed version for Debian:12 libxslt.

References

Expired Pointer Dereference vulnerability report

low severity

Allocation of Resources Without Limits or Throttling

  • Vulnerable module: openexr/libopenexr-3-1-30
  • Introduced through: openexr/libopenexr-3-1-30@3.1.5-5 and openexr/libopenexr-dev@3.1.5-5

Detailed paths

  • Introduced through: node@latest openexr/libopenexr-3-1-30@3.1.5-5
  • Introduced through: node@latest openexr/libopenexr-dev@3.1.5-5

NVD Description

Note: Versions mentioned in the description apply only to the upstream openexr package and not the openexr package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In version 3.3.2, applications trust unvalidated dataWindow size values from file headers, which can lead to excessive memory allocation and performance degradation when processing malicious files. This is fixed in version 3.3.3.

Remediation

There is no fixed version for Debian:12 openexr.

References

Allocation of Resources Without Limits or Throttling vulnerability report

low severity

Resource Exhaustion

  • Vulnerable module: openexr/libopenexr-3-1-30
  • Introduced through: openexr/libopenexr-3-1-30@3.1.5-5 and openexr/libopenexr-dev@3.1.5-5

Detailed paths

  • Introduced through: node@latest openexr/libopenexr-3-1-30@3.1.5-5
  • Introduced through: node@latest openexr/libopenexr-dev@3.1.5-5

NVD Description

Note: Versions mentioned in the description apply only to the upstream openexr package and not the openexr package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

Header::readfrom in IlmImf/ImfHeader.cpp in OpenEXR 2.2.0 allows remote attackers to cause a denial of service (excessive memory allocation) via a crafted file that is accessed with the ImfOpenInputFile function in IlmImf/ImfCRgbaFile.cpp. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid

Remediation

There is no fixed version for Debian:12 openexr.

References

Resource Exhaustion vulnerability report

low severity

Release of Invalid Pointer or Reference

  • Vulnerable module: patch
  • Introduced through: patch@2.7.6-7

Detailed paths

  • Introduced through: node@latest patch@2.7.6-7

NVD Description

Note: Versions mentioned in the description apply only to the upstream patch package and not the patch package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

An Invalid Pointer vulnerability exists in GNU patch 2.7 via the another_hunk function, which causes a Denial of Service.

Remediation

There is no fixed version for Debian:12 patch.

References

Release of Invalid Pointer or Reference vulnerability report

low severity

CVE-2025-13837

  • Vulnerable module: python3.11
  • Introduced through: python3.11@3.11.2-6+deb12u6, python3.11/libpython3.11-minimal@3.11.2-6+deb12u6 and others

Detailed paths

  • Introduced through: node@latest python3.11@3.11.2-6+deb12u6
  • Introduced through: node@latest python3.11/libpython3.11-minimal@3.11.2-6+deb12u6
  • Introduced through: node@latest python3.11/libpython3.11-stdlib@3.11.2-6+deb12u6
  • Introduced through: node@latest python3.11/python3.11-minimal@3.11.2-6+deb12u6

NVD Description

Note: Versions mentioned in the description apply only to the upstream python3.11 package and not the python3.11 package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

When loading a plist file, the plistlib module reads data in size specified by the file itself, meaning a malicious file can cause OOM and DoS issues

Remediation

There is no fixed version for Debian:12 python3.11.

References

CVE-2025-13837 vulnerability report

low severity

Integer Overflow or Wraparound

  • Vulnerable module: sqlite3/libsqlite3-0
  • Introduced through: sqlite3/libsqlite3-0@3.40.1-2+deb12u2 and sqlite3/libsqlite3-dev@3.40.1-2+deb12u2

Detailed paths

  • Introduced through: node@latest sqlite3/libsqlite3-0@3.40.1-2+deb12u2
  • Introduced through: node@latest sqlite3/libsqlite3-dev@3.40.1-2+deb12u2

NVD Description

Note: Versions mentioned in the description apply only to the upstream sqlite3 package and not the sqlite3 package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3_db_config (in the C-language API) can cause a denial of service (application crash). An sz*nBig multiplication is not cast to a 64-bit integer, and consequently some memory allocations may be incorrect.

Remediation

There is no fixed version for Debian:12 sqlite3.

References

Integer Overflow or Wraparound vulnerability report

low severity

Out-of-bounds Write

  • Vulnerable module: tiff/libtiff-dev
  • Introduced through: tiff/libtiff-dev@4.5.0-6+deb12u3, tiff/libtiff6@4.5.0-6+deb12u3 and others

Detailed paths

  • Introduced through: node@latest tiff/libtiff-dev@4.5.0-6+deb12u3
  • Introduced through: node@latest tiff/libtiff6@4.5.0-6+deb12u3
  • Introduced through: node@latest tiff/libtiffxx6@4.5.0-6+deb12u3

NVD Description

Note: Versions mentioned in the description apply only to the upstream tiff package and not the tiff package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A heap-buffer-overflow vulnerability was found in LibTIFF, in extractImageSection() at tools/tiffcrop.c:7916 and tools/tiffcrop.c:7801. This flaw allows attackers to cause a denial of service via a crafted tiff file.

Remediation

There is no fixed version for Debian:12 tiff.

References

Out-of-bounds Write vulnerability report

low severity

Information Exposure

  • Vulnerable module: util-linux
  • Introduced through: util-linux@2.38.1-5+deb12u3, util-linux/bsdutils@1:2.38.1-5+deb12u3 and others

Detailed paths

  • Introduced through: node@latest util-linux@2.38.1-5+deb12u3
  • Introduced through: node@latest util-linux/bsdutils@1:2.38.1-5+deb12u3
  • Introduced through: node@latest util-linux/libblkid-dev@2.38.1-5+deb12u3
  • Introduced through: node@latest util-linux/libblkid1@2.38.1-5+deb12u3
  • Introduced through: node@latest util-linux/libmount-dev@2.38.1-5+deb12u3
  • Introduced through: node@latest util-linux/libmount1@2.38.1-5+deb12u3
  • Introduced through: node@latest util-linux/libsmartcols1@2.38.1-5+deb12u3
  • Introduced through: node@latest util-linux/libuuid1@2.38.1-5+deb12u3
  • Introduced through: node@latest util-linux/mount@2.38.1-5+deb12u3
  • Introduced through: node@latest util-linux/util-linux-extra@2.38.1-5+deb12u3
  • Introduced through: node@latest util-linux/uuid-dev@2.38.1-5+deb12u3

NVD Description

Note: Versions mentioned in the description apply only to the upstream util-linux package and not the util-linux package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.

Remediation

There is no fixed version for Debian:12 util-linux.

References

Information Exposure vulnerability report

low severity

Directory Traversal

  • Vulnerable module: patch
  • Introduced through: patch@2.7.6-7

Detailed paths

  • Introduced through: node@latest patch@2.7.6-7

NVD Description

Note: Versions mentioned in the description apply only to the upstream patch package and not the patch package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

Directory traversal vulnerability in util.c in GNU patch 2.6.1 and earlier allows user-assisted remote attackers to create or overwrite arbitrary files via a filename that is specified with a .. (dot dot) or full pathname, a related issue to CVE-2010-1679.

Remediation

There is no fixed version for Debian:12 patch.

References

Directory Traversal vulnerability report

low severity

Out-of-Bounds

  • Vulnerable module: binutils
  • Introduced through: binutils@2.40-2, binutils/binutils-common@2.40-2 and others

Detailed paths

  • Introduced through: node@latest binutils@2.40-2
  • Introduced through: node@latest binutils/binutils-common@2.40-2
  • Introduced through: node@latest binutils/binutils-x86-64-linux-gnu@2.40-2
  • Introduced through: node@latest binutils/libbinutils@2.40-2
  • Introduced through: node@latest binutils/libctf-nobfd0@2.40-2
  • Introduced through: node@latest binutils/libctf0@2.40-2
  • Introduced through: node@latest binutils/libgprofng0@2.40-2

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A vulnerability has been found in GNU Binutils 2.43 and classified as problematic. Affected by this vulnerability is the function __sanitizer::internal_strlen of the file binutils/nm.c of the component nm. The manipulation of the argument const leads to buffer overflow. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used.

Remediation

There is no fixed version for Debian:12 binutils.

References

Out-of-Bounds vulnerability report

low severity

Cryptographic Issues

  • Vulnerable module: glib2.0/libglib2.0-0
  • Introduced through: glib2.0/libglib2.0-0@2.74.6-2+deb12u8, glib2.0/libglib2.0-bin@2.74.6-2+deb12u8 and others

Detailed paths

  • Introduced through: node@latest glib2.0/libglib2.0-0@2.74.6-2+deb12u8
  • Introduced through: node@latest glib2.0/libglib2.0-bin@2.74.6-2+deb12u8
  • Introduced through: node@latest glib2.0/libglib2.0-data@2.74.6-2+deb12u8
  • Introduced through: node@latest glib2.0/libglib2.0-dev@2.74.6-2+deb12u8
  • Introduced through: node@latest glib2.0/libglib2.0-dev-bin@2.74.6-2+deb12u8

NVD Description

Note: Versions mentioned in the description apply only to the upstream glib2.0 package and not the glib2.0 package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

GLib 2.31.8 and earlier, when the g_str_hash function is used, computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table. NOTE: this issue may be disputed by the vendor; the existence of the g_str_hash function is not a vulnerability in the library, because callers of g_hash_table_new and g_hash_table_new_full can specify an arbitrary hash function that is appropriate for the application.

Remediation

There is no fixed version for Debian:12 glib2.0.

References

Cryptographic Issues vulnerability report

low severity

Information Exposure

  • Vulnerable module: glibc/libc-bin
  • Introduced through: glibc/libc-bin@2.36-9+deb12u13, glibc/libc-dev-bin@2.36-9+deb12u13 and others

Detailed paths

  • Introduced through: node@latest glibc/libc-bin@2.36-9+deb12u13
  • Introduced through: node@latest glibc/libc-dev-bin@2.36-9+deb12u13
  • Introduced through: node@latest glibc/libc6@2.36-9+deb12u13
  • Introduced through: node@latest glibc/libc6-dev@2.36-9+deb12u13

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat.

Remediation

There is no fixed version for Debian:12 glibc.

References

Information Exposure vulnerability report

low severity

Use of Insufficiently Random Values

  • Vulnerable module: glibc/libc-bin
  • Introduced through: glibc/libc-bin@2.36-9+deb12u13, glibc/libc-dev-bin@2.36-9+deb12u13 and others

Detailed paths

  • Introduced through: node@latest glibc/libc-bin@2.36-9+deb12u13
  • Introduced through: node@latest glibc/libc-dev-bin@2.36-9+deb12u13
  • Introduced through: node@latest glibc/libc6@2.36-9+deb12u13
  • Introduced through: node@latest glibc/libc6-dev@2.36-9+deb12u13

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability.

Remediation

There is no fixed version for Debian:12 glibc.

References

Use of Insufficiently Random Values vulnerability report

low severity

Reliance on Undefined

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.11.60+dfsg-1.6+deb12u5, imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.6+deb12u5 and others

Detailed paths

  • Introduced through: node@latest imagemagick@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/imagemagick-6.q16@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-6-arch-config@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-6-headers@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-6.q16-6@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-6.q16-6-extra@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-6.q16-dev@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-dev@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickwand-6-headers@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickwand-6.q16-6@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickwand-6.q16-dev@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickwand-dev@8:6.9.11.60+dfsg-1.6+deb12u5

NVD Description

Note: Versions mentioned in the description apply only to the upstream imagemagick package and not the imagemagick package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1.2-1, there is undefined behavior (function-type-mismatch) in splay tree cloning callback. This results in a deterministic abort under UBSan (DoS in sanitizer builds), with no crash in a non-sanitized build. This issue has been patched in versions 6.9.13-27 and 7.1.2-1.

Remediation

There is no fixed version for Debian:12 imagemagick.

References

Reliance on Undefined vulnerability report

low severity

Resource Management Errors

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.11.60+dfsg-1.6+deb12u5, imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.6+deb12u5 and others

Detailed paths

  • Introduced through: node@latest imagemagick@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/imagemagick-6.q16@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-6-arch-config@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-6-headers@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-6.q16-6@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-6.q16-6-extra@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-6.q16-dev@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickcore-dev@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickwand-6-headers@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickwand-6.q16-6@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickwand-6.q16-dev@8:6.9.11.60+dfsg-1.6+deb12u5
  • Introduced through: node@latest imagemagick/libmagickwand-dev@8:6.9.11.60+dfsg-1.6+deb12u5

NVD Description

Note: Versions mentioned in the description apply only to the upstream imagemagick package and not the imagemagick package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

Multiple unspecified vulnerabilities in GraphicsMagick before 1.2.4 allow remote attackers to cause a denial of service (crash, infinite loop, or memory consumption) via (a) unspecified vectors in the (1) AVI, (2) AVS, (3) DCM, (4) EPT, (5) FITS, (6) MTV, (7) PALM, (8) RLA, and (9) TGA decoder readers; and (b) the GetImageCharacteristics function in magick/image.c, as reachable from a crafted (10) PNG, (11) JPEG, (12) BMP, or (13) TIFF file.

Remediation

There is no fixed version for Debian:12 imagemagick.

References

Resource Management Errors vulnerability report

low severity

Resource Management Errors

  • Vulnerable module: libwmf/libwmf-0.2-7
  • Introduced through: libwmf/libwmf-0.2-7@0.2.12-5.1, libwmf/libwmf-dev@0.2.12-5.1 and others

Detailed paths

  • Introduced through: node@latest libwmf/libwmf-0.2-7@0.2.12-5.1
  • Introduced through: node@latest libwmf/libwmf-dev@0.2.12-5.1
  • Introduced through: node@latest libwmf/libwmflite-0.2-7@0.2.12-5.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream libwmf package and not the libwmf package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

The (a) imagearc and (b) imagefilledarc functions in GD Graphics Library (libgd) before 2.0.35 allow attackers to cause a denial of service (CPU consumption) via a large (1) start or (2) end angle degree value.

Remediation

There is no fixed version for Debian:12 libwmf.

References

Resource Management Errors vulnerability report

low severity

Use of Insufficiently Random Values

  • Vulnerable module: libxslt/libxslt1-dev
  • Introduced through: libxslt/libxslt1-dev@1.1.35-1+deb12u3 and libxslt/libxslt1.1@1.1.35-1+deb12u3

Detailed paths

  • Introduced through: node@latest libxslt/libxslt1-dev@1.1.35-1+deb12u3
  • Introduced through: node@latest libxslt/libxslt1.1@1.1.35-1+deb12u3

NVD Description

Note: Versions mentioned in the description apply only to the upstream libxslt package and not the libxslt package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

In libxslt 1.1.29 and earlier, the EXSLT math.random function was not initialized with a random seed during startup, which could cause usage of this function to produce predictable outputs.

Remediation

There is no fixed version for Debian:12 libxslt.

References

Use of Insufficiently Random Values vulnerability report

low severity

CVE-2016-20012

  • Vulnerable module: openssh/openssh-client
  • Introduced through: openssh/openssh-client@1:9.2p1-2+deb12u7

Detailed paths

  • Introduced through: node@latest openssh/openssh-client@1:9.2p1-2+deb12u7

NVD Description

Note: Versions mentioned in the description apply only to the upstream openssh package and not the openssh package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE: the vendor does not recognize user enumeration as a vulnerability for this product

Remediation

There is no fixed version for Debian:12 openssh.

References

CVE-2016-20012 vulnerability report

low severity

Improper Authentication

  • Vulnerable module: openssh/openssh-client
  • Introduced through: openssh/openssh-client@1:9.2p1-2+deb12u7

Detailed paths

  • Introduced through: node@latest openssh/openssh-client@1:9.2p1-2+deb12u7

NVD Description

Note: Versions mentioned in the description apply only to the upstream openssh package and not the openssh package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

OpenSSH 4.6 and earlier, when ChallengeResponseAuthentication is enabled, allows remote attackers to determine the existence of user accounts by attempting to authenticate via S/KEY, which displays a different response if the user account exists, a similar issue to CVE-2001-1483.

Remediation

There is no fixed version for Debian:12 openssh.

References

Improper Authentication vulnerability report

low severity

Information Exposure

  • Vulnerable module: openssh/openssh-client
  • Introduced through: openssh/openssh-client@1:9.2p1-2+deb12u7

Detailed paths

  • Introduced through: node@latest openssh/openssh-client@1:9.2p1-2+deb12u7

NVD Description

Note: Versions mentioned in the description apply only to the upstream openssh package and not the openssh package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.'

Remediation

There is no fixed version for Debian:12 openssh.

References

Information Exposure vulnerability report

low severity

CVE-2025-12084

  • Vulnerable module: python3.11
  • Introduced through: python3.11@3.11.2-6+deb12u6, python3.11/libpython3.11-minimal@3.11.2-6+deb12u6 and others

Detailed paths

  • Introduced through: node@latest python3.11@3.11.2-6+deb12u6
  • Introduced through: node@latest python3.11/libpython3.11-minimal@3.11.2-6+deb12u6
  • Introduced through: node@latest python3.11/libpython3.11-stdlib@3.11.2-6+deb12u6
  • Introduced through: node@latest python3.11/python3.11-minimal@3.11.2-6+deb12u6

NVD Description

Note: Versions mentioned in the description apply only to the upstream python3.11 package and not the python3.11 package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

When building nested elements using xml.dom.minidom methods such as appendChild() that have a dependency on _clear_id_cache() the algorithm is quadratic. Availability can be impacted when building excessively nested documents.

Remediation

There is no fixed version for Debian:12 python3.11.

References

CVE-2025-12084 vulnerability report

low severity

Improper Validation of Integrity Check Value

  • Vulnerable module: systemd/libsystemd0
  • Introduced through: systemd/libsystemd0@252.39-1~deb12u1 and systemd/libudev1@252.39-1~deb12u1

Detailed paths

  • Introduced through: node@latest systemd/libsystemd0@252.39-1~deb12u1
  • Introduced through: node@latest systemd/libudev1@252.39-1~deb12u1

NVD Description

Note: Versions mentioned in the description apply only to the upstream systemd package and not the systemd package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

An issue was discovered in systemd 253. An attacker can modify a sealed log file such that, in some views, not all existing and sealed log messages are displayed. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."

Remediation

There is no fixed version for Debian:12 systemd.

References

Improper Validation of Integrity Check Value vulnerability report

low severity

Improper Validation of Integrity Check Value

  • Vulnerable module: systemd/libsystemd0
  • Introduced through: systemd/libsystemd0@252.39-1~deb12u1 and systemd/libudev1@252.39-1~deb12u1

Detailed paths

  • Introduced through: node@latest systemd/libsystemd0@252.39-1~deb12u1
  • Introduced through: node@latest systemd/libudev1@252.39-1~deb12u1

NVD Description

Note: Versions mentioned in the description apply only to the upstream systemd package and not the systemd package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

An issue was discovered in systemd 253. An attacker can truncate a sealed log file and then resume log sealing such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."

Remediation

There is no fixed version for Debian:12 systemd.

References

Improper Validation of Integrity Check Value vulnerability report

low severity

Improper Validation of Integrity Check Value

  • Vulnerable module: systemd/libsystemd0
  • Introduced through: systemd/libsystemd0@252.39-1~deb12u1 and systemd/libudev1@252.39-1~deb12u1

Detailed paths

  • Introduced through: node@latest systemd/libsystemd0@252.39-1~deb12u1
  • Introduced through: node@latest systemd/libudev1@252.39-1~deb12u1

NVD Description

Note: Versions mentioned in the description apply only to the upstream systemd package and not the systemd package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."

Remediation

There is no fixed version for Debian:12 systemd.

References

Improper Validation of Integrity Check Value vulnerability report

low severity

Out-of-Bounds

  • Vulnerable module: tiff/libtiff-dev
  • Introduced through: tiff/libtiff-dev@4.5.0-6+deb12u3, tiff/libtiff6@4.5.0-6+deb12u3 and others

Detailed paths

  • Introduced through: node@latest tiff/libtiff-dev@4.5.0-6+deb12u3
  • Introduced through: node@latest tiff/libtiff6@4.5.0-6+deb12u3
  • Introduced through: node@latest tiff/libtiffxx6@4.5.0-6+deb12u3

NVD Description

Note: Versions mentioned in the description apply only to the upstream tiff package and not the tiff package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A vulnerability was determined in LibTIFF up to 4.5.1. Affected by this issue is the function readSeparateStripsetoBuffer of the file tools/tiffcrop.c of the component tiffcrop. The manipulation leads to stack-based buffer overflow. Local access is required to approach this attack. The patch is identified as 8a7a48d7a645992ca83062b3a1873c951661e2b3. It is recommended to apply a patch to fix this issue.

Remediation

There is no fixed version for Debian:12 tiff.

References

Out-of-Bounds vulnerability report

low severity

Out-of-Bounds

  • Vulnerable module: binutils
  • Introduced through: binutils@2.40-2, binutils/binutils-common@2.40-2 and others

Detailed paths

  • Introduced through: node@latest binutils@2.40-2
  • Introduced through: node@latest binutils/binutils-common@2.40-2
  • Introduced through: node@latest binutils/binutils-x86-64-linux-gnu@2.40-2
  • Introduced through: node@latest binutils/libbinutils@2.40-2
  • Introduced through: node@latest binutils/libctf-nobfd0@2.40-2
  • Introduced through: node@latest binutils/libctf0@2.40-2
  • Introduced through: node@latest binutils/libgprofng0@2.40-2

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A vulnerability classified as critical was found in GNU Binutils 2.43. This vulnerability affects the function _bfd_elf_gc_mark_rsec of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The name of the patch is 931494c9a89558acb36a03a340c01726545eef24. It is recommended to apply a patch to fix this issue.

Remediation

There is no fixed version for Debian:12 binutils.

References

Out-of-Bounds vulnerability report

low severity

Out-of-Bounds

  • Vulnerable module: binutils
  • Introduced through: binutils@2.40-2, binutils/binutils-common@2.40-2 and others

Detailed paths

  • Introduced through: node@latest binutils@2.40-2
  • Introduced through: node@latest binutils/binutils-common@2.40-2
  • Introduced through: node@latest binutils/binutils-x86-64-linux-gnu@2.40-2
  • Introduced through: node@latest binutils/libbinutils@2.40-2
  • Introduced through: node@latest binutils/libctf-nobfd0@2.40-2
  • Introduced through: node@latest binutils/libctf0@2.40-2
  • Introduced through: node@latest binutils/libgprofng0@2.40-2

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A vulnerability was found in GNU Binutils 2.43 and classified as critical. This issue affects the function _bfd_elf_gc_mark_rsec of the file elflink.c of the component ld. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The patch is named f9978defb6fab0bd8583942d97c112b0932ac814. It is recommended to apply a patch to fix this issue.

Remediation

There is no fixed version for Debian:12 binutils.

References

Out-of-Bounds vulnerability report

low severity

Out-of-Bounds

  • Vulnerable module: binutils
  • Introduced through: binutils@2.40-2, binutils/binutils-common@2.40-2 and others

Detailed paths

  • Introduced through: node@latest binutils@2.40-2
  • Introduced through: node@latest binutils/binutils-common@2.40-2
  • Introduced through: node@latest binutils/binutils-x86-64-linux-gnu@2.40-2
  • Introduced through: node@latest binutils/libbinutils@2.40-2
  • Introduced through: node@latest binutils/libctf-nobfd0@2.40-2
  • Introduced through: node@latest binutils/libctf0@2.40-2
  • Introduced through: node@latest binutils/libgprofng0@2.40-2

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A vulnerability, which was classified as critical, was found in GNU Binutils 2.43. Affected is the function bfd_elf_reloc_symbol_deleted_p of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The patch is identified as b425859021d17adf62f06fb904797cf8642986ad. It is recommended to apply a patch to fix this issue.

Remediation

There is no fixed version for Debian:12 binutils.

References

Out-of-Bounds vulnerability report

low severity

Improper Input Validation

  • Vulnerable module: git
  • Introduced through: git@1:2.39.5-0+deb12u3 and git/git-man@1:2.39.5-0+deb12u3

Detailed paths

  • Introduced through: node@latest git@1:2.39.5-0+deb12u3
  • Introduced through: node@latest git/git-man@1:2.39.5-0+deb12u3

NVD Description

Note: Versions mentioned in the description apply only to the upstream git package and not the git package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

GIT version 2.15.1 and earlier contains a Input Validation Error vulnerability in Client that can result in problems including messing up terminal configuration to RCE. This attack appear to be exploitable via The user must interact with a malicious git server, (or have their traffic modified in a MITM attack).

Remediation

There is no fixed version for Debian:12 git.

References

Improper Input Validation vulnerability report

low severity

Race Condition

  • Vulnerable module: coreutils
  • Introduced through: coreutils@9.1-1

Detailed paths

  • Introduced through: node@latest coreutils@9.1-1

NVD Description

Note: Versions mentioned in the description apply only to the upstream coreutils package and not the coreutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.

Remediation

There is no fixed version for Debian:12 coreutils.

References

Race Condition vulnerability report

low severity

Improper Resource Shutdown or Release

  • Vulnerable module: elfutils/libelf1
  • Introduced through: elfutils/libelf1@0.188-2.1

Detailed paths

  • Introduced through: node@latest elfutils/libelf1@0.188-2.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream elfutils package and not the elfutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A vulnerability classified as problematic was found in GNU elfutils 0.192. This vulnerability affects the function elf_strptr in the library /libelf/elf_strptr.c of the component eu-strip. The manipulation leads to denial of service. It is possible to launch the attack on the local host. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The name of the patch is b16f441cca0a4841050e3215a9f120a6d8aea918. It is recommended to apply a patch to fix this issue.

Remediation

There is no fixed version for Debian:12 elfutils.

References

Improper Resource Shutdown or Release vulnerability report

low severity

CVE-2025-30258

  • Vulnerable module: gnupg2/dirmngr
  • Introduced through: gnupg2/dirmngr@2.2.40-1.1+deb12u2, gnupg2/gnupg@2.2.40-1.1+deb12u2 and others

Detailed paths

  • Introduced through: node@latest gnupg2/dirmngr@2.2.40-1.1+deb12u2
  • Introduced through: node@latest gnupg2/gnupg@2.2.40-1.1+deb12u2
  • Introduced through: node@latest gnupg2/gnupg-l10n@2.2.40-1.1+deb12u2
  • Introduced through: node@latest gnupg2/gnupg-utils@2.2.40-1.1+deb12u2
  • Introduced through: node@latest gnupg2/gpg@2.2.40-1.1+deb12u2
  • Introduced through: node@latest gnupg2/gpg-agent@2.2.40-1.1+deb12u2
  • Introduced through: node@latest gnupg2/gpg-wks-client@2.2.40-1.1+deb12u2
  • Introduced through: node@latest gnupg2/gpg-wks-server@2.2.40-1.1+deb12u2
  • Introduced through: node@latest gnupg2/gpgconf@2.2.40-1.1+deb12u2
  • Introduced through: node@latest gnupg2/gpgsm@2.2.40-1.1+deb12u2
  • Introduced through: node@latest gnupg2/gpgv@2.2.40-1.1+deb12u2

NVD Description

Note: Versions mentioned in the description apply only to the upstream gnupg2 package and not the gnupg2 package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

In GnuPG before 2.5.5, if a user chooses to import a certificate with certain crafted subkey data that lacks a valid backsig or that has incorrect usage flags, the user loses the ability to verify signatures made from certain other signing keys, aka a "verification DoS."

Remediation

There is no fixed version for Debian:12 gnupg2.

References

CVE-2025-30258 vulnerability report

low severity
new

Improper Verification of Cryptographic Signature

  • Vulnerable module: gnupg2/dirmngr
  • Introduced through: gnupg2/dirmngr@2.2.40-1.1+deb12u2, gnupg2/gnupg@2.2.40-1.1+deb12u2 and others

Detailed paths

  • Introduced through: node@latest gnupg2/dirmngr@2.2.40-1.1+deb12u2
  • Introduced through: node@latest gnupg2/gnupg@2.2.40-1.1+deb12u2
  • Introduced through: node@latest gnupg2/gnupg-l10n@2.2.40-1.1+deb12u2
  • Introduced through: node@latest gnupg2/gnupg-utils@2.2.40-1.1+deb12u2
  • Introduced through: node@latest gnupg2/gpg@2.2.40-1.1+deb12u2
  • Introduced through: node@latest gnupg2/gpg-agent@2.2.40-1.1+deb12u2
  • Introduced through: node@latest gnupg2/gpg-wks-client@2.2.40-1.1+deb12u2
  • Introduced through: node@latest gnupg2/gpg-wks-server@2.2.40-1.1+deb12u2
  • Introduced through: node@latest gnupg2/gpgconf@2.2.40-1.1+deb12u2
  • Introduced through: node@latest gnupg2/gpgsm@2.2.40-1.1+deb12u2
  • Introduced through: node@latest gnupg2/gpgv@2.2.40-1.1+deb12u2

NVD Description

Note: Versions mentioned in the description apply only to the upstream gnupg2 package and not the gnupg2 package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

In GnuPG through 2.4.8, if a signed message has \f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified message succeeds (although an "invalid armor" message is printed during verification). This is related to use of \f as a marker to denote truncation of a long plaintext line.

Remediation

There is no fixed version for Debian:12 gnupg2.

References

Improper Verification of Cryptographic Signature vulnerability report

low severity

Improper Initialization

  • Vulnerable module: openldap/libldap-2.5-0
  • Introduced through: openldap/libldap-2.5-0@2.5.13+dfsg-5

Detailed paths

  • Introduced through: node@latest openldap/libldap-2.5-0@2.5.13+dfsg-5

NVD Description

Note: Versions mentioned in the description apply only to the upstream openldap package and not the openldap package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

slapd in OpenLDAP 2.4.45 and earlier creates a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill cat /pathname" command, as demonstrated by openldap-initscript.

Remediation

There is no fixed version for Debian:12 openldap.

References

Improper Initialization vulnerability report

low severity

Insecure Storage of Sensitive Information

  • Vulnerable module: pam/libpam-modules
  • Introduced through: pam/libpam-modules@1.5.2-6+deb12u2, pam/libpam-modules-bin@1.5.2-6+deb12u2 and others

Detailed paths

  • Introduced through: node@latest pam/libpam-modules@1.5.2-6+deb12u2
  • Introduced through: node@latest pam/libpam-modules-bin@1.5.2-6+deb12u2
  • Introduced through: node@latest pam/libpam-runtime@1.5.2-6+deb12u2
  • Introduced through: node@latest pam/libpam0g@1.5.2-6+deb12u2

NVD Description

Note: Versions mentioned in the description apply only to the upstream pam package and not the pam package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to execute by sending characters to its standard input (stdin). As this occurs, the attacker can train the branch predictor to execute an ROP chain speculatively. This flaw could result in leaked passwords, such as those found in /etc/shadow while performing authentications.

Remediation

There is no fixed version for Debian:12 pam.

References

Insecure Storage of Sensitive Information vulnerability report

low severity

Stack-based Buffer Overflow

  • Vulnerable module: coreutils
  • Introduced through: coreutils@9.1-1

Detailed paths

  • Introduced through: node@latest coreutils@9.1-1

NVD Description

Note: Versions mentioned in the description apply only to the upstream coreutils package and not the coreutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A flaw was found in GNU Coreutils. The sort utility's begfield() function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash or leak sensitive data.

Remediation

There is no fixed version for Debian:12 coreutils.

References

Stack-based Buffer Overflow vulnerability report

low severity

Link Following

  • Vulnerable module: systemd/libsystemd0
  • Introduced through: systemd/libsystemd0@252.39-1~deb12u1 and systemd/libudev1@252.39-1~deb12u1

Detailed paths

  • Introduced through: node@latest systemd/libsystemd0@252.39-1~deb12u1
  • Introduced through: node@latest systemd/libudev1@252.39-1~deb12u1

NVD Description

Note: Versions mentioned in the description apply only to the upstream systemd package and not the systemd package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.

Remediation

There is no fixed version for Debian:12 systemd.

References

Link Following vulnerability report

low severity

Resource Management Errors

  • Vulnerable module: glibc/libc-bin
  • Introduced through: glibc/libc-bin@2.36-9+deb12u13, glibc/libc-dev-bin@2.36-9+deb12u13 and others

Detailed paths

  • Introduced through: node@latest glibc/libc-bin@2.36-9+deb12u13
  • Introduced through: node@latest glibc/libc-dev-bin@2.36-9+deb12u13
  • Introduced through: node@latest glibc/libc6@2.36-9+deb12u13
  • Introduced through: node@latest glibc/libc6-dev@2.36-9+deb12u13

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.

Remediation

There is no fixed version for Debian:12 glibc.

References

Resource Management Errors vulnerability report

low severity

Improper Input Validation

  • Vulnerable module: gnutls28/libgnutls30
  • Introduced through: gnutls28/libgnutls30@3.7.9-2+deb12u5

Detailed paths

  • Introduced through: node@latest gnutls28/libgnutls30@3.7.9-2+deb12u5

NVD Description

Note: Versions mentioned in the description apply only to the upstream gnutls28 package and not the gnutls28 package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack.

Remediation

There is no fixed version for Debian:12 gnutls28.

References

Improper Input Validation vulnerability report

low severity

Numeric Errors

  • Vulnerable module: libwmf/libwmf-0.2-7
  • Introduced through: libwmf/libwmf-0.2-7@0.2.12-5.1, libwmf/libwmf-dev@0.2.12-5.1 and others

Detailed paths

  • Introduced through: node@latest libwmf/libwmf-0.2-7@0.2.12-5.1
  • Introduced through: node@latest libwmf/libwmf-dev@0.2.12-5.1
  • Introduced through: node@latest libwmf/libwmflite-0.2-7@0.2.12-5.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream libwmf package and not the libwmf package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

Array index error in gd_gif_in.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash and heap corruption) via large color index values in crafted image data, which results in a segmentation fault.

Remediation

There is no fixed version for Debian:12 libwmf.

References

Numeric Errors vulnerability report

low severity

Information Exposure

  • Vulnerable module: openssh/openssh-client
  • Introduced through: openssh/openssh-client@1:9.2p1-2+deb12u7

Detailed paths

  • Introduced through: node@latest openssh/openssh-client@1:9.2p1-2+deb12u7

NVD Description

Note: Versions mentioned in the description apply only to the upstream openssh package and not the openssh package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issue to CVE-2007-2243.

Remediation

There is no fixed version for Debian:12 openssh.

References

Information Exposure vulnerability report

low severity

Memory Leak

  • Vulnerable module: sqlite3/libsqlite3-0
  • Introduced through: sqlite3/libsqlite3-0@3.40.1-2+deb12u2 and sqlite3/libsqlite3-dev@3.40.1-2+deb12u2

Detailed paths

  • Introduced through: node@latest sqlite3/libsqlite3-0@3.40.1-2+deb12u2
  • Introduced through: node@latest sqlite3/libsqlite3-dev@3.40.1-2+deb12u2

NVD Description

Note: Versions mentioned in the description apply only to the upstream sqlite3 package and not the sqlite3 package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A Memory Leak vulnerability exists in SQLite Project SQLite3 3.35.1 and 3.37.0 via maliciously crafted SQL Queries (made via editing the Database File), it is possible to query a record, and leak subsequent bytes of memory that extend beyond the record, which could let a malicious user obtain sensitive information. NOTE: The developer disputes this as a vulnerability stating that If you give SQLite a corrupted database file and submit a query against the database, it might read parts of the database that you did not intend or expect.

Remediation

There is no fixed version for Debian:12 sqlite3.

References

Memory Leak vulnerability report

low severity

Improper Certificate Validation

  • Vulnerable module: openldap/libldap-2.5-0
  • Introduced through: openldap/libldap-2.5-0@2.5.13+dfsg-5

Detailed paths

  • Introduced through: node@latest openldap/libldap-2.5-0@2.5.13+dfsg-5

NVD Description

Note: Versions mentioned in the description apply only to the upstream openldap package and not the openldap package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subjectAltName (SAN). This is fixed in, for example, openldap-2.4.46-10.el8 in Red Hat Enterprise Linux.

Remediation

There is no fixed version for Debian:12 openldap.

References

Improper Certificate Validation vulnerability report

low severity

Improper Verification of Cryptographic Signature

  • Vulnerable module: apt
  • Introduced through: apt@2.6.1 and apt/libapt-pkg6.0@2.6.1

Detailed paths

  • Introduced through: node@latest apt@2.6.1
  • Introduced through: node@latest apt/libapt-pkg6.0@2.6.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream apt package and not the apt package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.

Remediation

There is no fixed version for Debian:12 apt.

References

Improper Verification of Cryptographic Signature vulnerability report

low severity

Memory Leak

  • Vulnerable module: binutils
  • Introduced through: binutils@2.40-2, binutils/binutils-common@2.40-2 and others

Detailed paths

  • Introduced through: node@latest binutils@2.40-2
  • Introduced through: node@latest binutils/binutils-common@2.40-2
  • Introduced through: node@latest binutils/binutils-x86-64-linux-gnu@2.40-2
  • Introduced through: node@latest binutils/libbinutils@2.40-2
  • Introduced through: node@latest binutils/libctf-nobfd0@2.40-2
  • Introduced through: node@latest binutils/libctf0@2.40-2
  • Introduced through: node@latest binutils/libgprofng0@2.40-2

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A vulnerability classified as problematic has been found in GNU Binutils 2.43. Affected is the function xstrdup of the file xstrdup.c of the component ld. The manipulation leads to memory leak. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The code maintainer explains: "I'm not going to commit some of the leak fixes I've been working on to the 2.44 branch due to concern that would destabilise ld. All of the reported leaks in this bugzilla have been fixed on binutils master."

Remediation

There is no fixed version for Debian:12 binutils.

References

Memory Leak vulnerability report

low severity
new

Uncontrolled Recursion

  • Vulnerable module: libxml2
  • Introduced through: libxml2@2.9.14+dfsg-1.3~deb12u5 and libxml2/libxml2-dev@2.9.14+dfsg-1.3~deb12u5

Detailed paths

  • Introduced through: node@latest libxml2@2.9.14+dfsg-1.3~deb12u5
  • Introduced through: node@latest libxml2/libxml2-dev@2.9.14+dfsg-1.3~deb12u5

NVD Description

Note: Versions mentioned in the description apply only to the upstream libxml2 package and not the libxml2 package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested <include> directives. Specially crafted or overly complex schemas can cause excessive recursion during parsing. This may lead to stack exhaustion and application crashes, creating a denial-of-service risk.

Remediation

There is no fixed version for Debian:12 libxml2.

References

Uncontrolled Recursion vulnerability report

low severity

Memory Leak

  • Vulnerable module: binutils
  • Introduced through: binutils@2.40-2, binutils/binutils-common@2.40-2 and others

Detailed paths

  • Introduced through: node@latest binutils@2.40-2
  • Introduced through: node@latest binutils/binutils-common@2.40-2
  • Introduced through: node@latest binutils/binutils-x86-64-linux-gnu@2.40-2
  • Introduced through: node@latest binutils/libbinutils@2.40-2
  • Introduced through: node@latest binutils/libctf-nobfd0@2.40-2
  • Introduced through: node@latest binutils/libctf0@2.40-2
  • Introduced through: node@latest binutils/libgprofng0@2.40-2

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A vulnerability was found in GNU Binutils 2.44 and classified as problematic. This issue affects the function process_debug_info of the file binutils/dwarf.c of the component DWARF Section Handler. The manipulation leads to memory leak. Attacking locally is a requirement. The identifier of the patch is e51fdff7d2e538c0e5accdd65649ac68e6e0ddd4. It is recommended to apply a patch to fix this issue.

Remediation

There is no fixed version for Debian:12 binutils.

References

Memory Leak vulnerability report

low severity

Out-of-bounds Write

  • Vulnerable module: gnupg2/dirmngr
  • Introduced through: gnupg2/dirmngr@2.2.40-1.1+deb12u2, gnupg2/gnupg@2.2.40-1.1+deb12u2 and others

Detailed paths

  • Introduced through: node@latest gnupg2/dirmngr@2.2.40-1.1+deb12u2
  • Introduced through: node@latest gnupg2/gnupg@2.2.40-1.1+deb12u2
  • Introduced through: node@latest gnupg2/gnupg-l10n@2.2.40-1.1+deb12u2
  • Introduced through: node@latest gnupg2/gnupg-utils@2.2.40-1.1+deb12u2
  • Introduced through: node@latest gnupg2/gpg@2.2.40-1.1+deb12u2
  • Introduced through: node@latest gnupg2/gpg-agent@2.2.40-1.1+deb12u2
  • Introduced through: node@latest gnupg2/gpg-wks-client@2.2.40-1.1+deb12u2
  • Introduced through: node@latest gnupg2/gpg-wks-server@2.2.40-1.1+deb12u2
  • Introduced through: node@latest gnupg2/gpgconf@2.2.40-1.1+deb12u2
  • Introduced through: node@latest gnupg2/gpgsm@2.2.40-1.1+deb12u2
  • Introduced through: node@latest gnupg2/gpgv@2.2.40-1.1+deb12u2

NVD Description

Note: Versions mentioned in the description apply only to the upstream gnupg2 package and not the gnupg2 package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

GnuPG can be made to spin on a relatively small input by (for example) crafting a public key with thousands of signatures attached, compressed down to just a few KB.

Remediation

There is no fixed version for Debian:12 gnupg2.

References

Out-of-bounds Write vulnerability report

low severity

Improper Resource Shutdown or Release

  • Vulnerable module: libxml2
  • Introduced through: libxml2@2.9.14+dfsg-1.3~deb12u5 and libxml2/libxml2-dev@2.9.14+dfsg-1.3~deb12u5

Detailed paths

  • Introduced through: node@latest libxml2@2.9.14+dfsg-1.3~deb12u5
  • Introduced through: node@latest libxml2/libxml2-dev@2.9.14+dfsg-1.3~deb12u5

NVD Description

Note: Versions mentioned in the description apply only to the upstream libxml2 package and not the libxml2 package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function xmlParseSGMLCatalog of the component xmlcatalog. The manipulation leads to uncontrolled recursion. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The code maintainer explains, that "[t]he issue can only be triggered with untrusted SGML catalogs and it makes absolutely no sense to use untrusted catalogs. I also doubt that anyone is still using SGML catalogs at all."

Remediation

There is no fixed version for Debian:12 libxml2.

References

Improper Resource Shutdown or Release vulnerability report

low severity

Out-of-Bounds

  • Vulnerable module: ncurses/libncurses-dev
  • Introduced through: ncurses/libncurses-dev@6.4-4, ncurses/libncurses5-dev@6.4-4 and others

Detailed paths

  • Introduced through: node@latest ncurses/libncurses-dev@6.4-4
  • Introduced through: node@latest ncurses/libncurses5-dev@6.4-4
  • Introduced through: node@latest ncurses/libncurses6@6.4-4
  • Introduced through: node@latest ncurses/libncursesw5-dev@6.4-4
  • Introduced through: node@latest ncurses/libncursesw6@6.4-4
  • Introduced through: node@latest ncurses/libtinfo6@6.4-4
  • Introduced through: node@latest ncurses/ncurses-base@6.4-4
  • Introduced through: node@latest ncurses/ncurses-bin@6.4-4

NVD Description

Note: Versions mentioned in the description apply only to the upstream ncurses package and not the ncurses package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A vulnerability has been found in GNU ncurses up to 6.5-20250322 and classified as problematic. This vulnerability affects the function postprocess_termcap of the file tinfo/parse_entry.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. Upgrading to version 6.5-20250329 is able to address this issue. It is recommended to upgrade the affected component.

Remediation

There is no fixed version for Debian:12 ncurses.

References

Out-of-Bounds vulnerability report

low severity

Link Following

  • Vulnerable module: perl
  • Introduced through: perl@5.36.0-7+deb12u3, perl/libperl5.36@5.36.0-7+deb12u3 and others

Detailed paths

  • Introduced through: node@latest perl@5.36.0-7+deb12u3
  • Introduced through: node@latest perl/libperl5.36@5.36.0-7+deb12u3
  • Introduced through: node@latest perl/perl-base@5.36.0-7+deb12u3
  • Introduced through: node@latest perl/perl-modules-5.36@5.36.0-7+deb12u3

NVD Description

Note: Versions mentioned in the description apply only to the upstream perl package and not the perl package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

_is_safe in the File::Temp module for Perl does not properly handle symlinks.

Remediation

There is no fixed version for Debian:12 perl.

References

Link Following vulnerability report

low severity

Out-of-bounds Write

  • Vulnerable module: procps
  • Introduced through: procps@2:4.0.2-3 and procps/libproc2-0@2:4.0.2-3

Detailed paths

  • Introduced through: node@latest procps@2:4.0.2-3
  • Introduced through: node@latest procps/libproc2-0@2:4.0.2-3

NVD Description

Note: Versions mentioned in the description apply only to the upstream procps package and not the procps package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap.

Remediation

There is no fixed version for Debian:12 procps.

References

Out-of-bounds Write vulnerability report

low severity

Out-of-Bounds

  • Vulnerable module: tiff/libtiff-dev
  • Introduced through: tiff/libtiff-dev@4.5.0-6+deb12u3, tiff/libtiff6@4.5.0-6+deb12u3 and others

Detailed paths

  • Introduced through: node@latest tiff/libtiff-dev@4.5.0-6+deb12u3
  • Introduced through: node@latest tiff/libtiff6@4.5.0-6+deb12u3
  • Introduced through: node@latest tiff/libtiffxx6@4.5.0-6+deb12u3

NVD Description

Note: Versions mentioned in the description apply only to the upstream tiff package and not the tiff package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A weakness has been identified in LibTIFF 4.7.0. This affects the function main of the file tiffcrop.c of the component tiffcrop. Executing manipulation can lead to memory corruption. The attack can only be executed locally. The exploit has been made available to the public and could be exploited.

Remediation

There is no fixed version for Debian:12 tiff.

References

Out-of-Bounds vulnerability report

low severity

Out-of-bounds Write

  • Vulnerable module: tiff/libtiff-dev
  • Introduced through: tiff/libtiff-dev@4.5.0-6+deb12u3, tiff/libtiff6@4.5.0-6+deb12u3 and others

Detailed paths

  • Introduced through: node@latest tiff/libtiff-dev@4.5.0-6+deb12u3
  • Introduced through: node@latest tiff/libtiff6@4.5.0-6+deb12u3
  • Introduced through: node@latest tiff/libtiffxx6@4.5.0-6+deb12u3

NVD Description

Note: Versions mentioned in the description apply only to the upstream tiff package and not the tiff package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

An issue was found in the tiffcp utility distributed by the libtiff package where a crafted TIFF file on processing may cause a heap-based buffer overflow leads to an application crash.

Remediation

There is no fixed version for Debian:12 tiff.

References

Out-of-bounds Write vulnerability report

low severity

NULL Pointer Dereference

  • Vulnerable module: unzip
  • Introduced through: unzip@6.0-28

Detailed paths

  • Introduced through: node@latest unzip@6.0-28

NVD Description

Note: Versions mentioned in the description apply only to the upstream unzip package and not the unzip package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A flaw was found in unzip. The vulnerability occurs due to improper handling of Unicode strings, which can lead to a null pointer dereference. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.

Remediation

There is no fixed version for Debian:12 unzip.

References

NULL Pointer Dereference vulnerability report

low severity

Memory Leak

  • Vulnerable module: binutils
  • Introduced through: binutils@2.40-2, binutils/binutils-common@2.40-2 and others

Detailed paths

  • Introduced through: node@latest binutils@2.40-2
  • Introduced through: node@latest binutils/binutils-common@2.40-2
  • Introduced through: node@latest binutils/binutils-x86-64-linux-gnu@2.40-2
  • Introduced through: node@latest binutils/libbinutils@2.40-2
  • Introduced through: node@latest binutils/libctf-nobfd0@2.40-2
  • Introduced through: node@latest binutils/libctf0@2.40-2
  • Introduced through: node@latest binutils/libgprofng0@2.40-2

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A vulnerability was found in GNU Binutils 2.43. It has been classified as problematic. This affects the function xstrdup of the file libiberty/xmalloc.c of the component ld. The manipulation leads to memory leak. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The code maintainer explains: "I'm not going to commit some of the leak fixes I've been working on to the 2.44 branch due to concern that would destabilise ld. All of the reported leaks in this bugzilla have been fixed on binutils master."

Remediation

There is no fixed version for Debian:12 binutils.

References

Memory Leak vulnerability report

low severity

Memory Leak

  • Vulnerable module: binutils
  • Introduced through: binutils@2.40-2, binutils/binutils-common@2.40-2 and others

Detailed paths

  • Introduced through: node@latest binutils@2.40-2
  • Introduced through: node@latest binutils/binutils-common@2.40-2
  • Introduced through: node@latest binutils/binutils-x86-64-linux-gnu@2.40-2
  • Introduced through: node@latest binutils/libbinutils@2.40-2
  • Introduced through: node@latest binutils/libctf-nobfd0@2.40-2
  • Introduced through: node@latest binutils/libctf0@2.40-2
  • Introduced through: node@latest binutils/libgprofng0@2.40-2

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A vulnerability was found in GNU Binutils 2.43. It has been declared as problematic. This vulnerability affects the function bfd_malloc of the file libbfd.c of the component ld. The manipulation leads to memory leak. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The code maintainer explains: "I'm not going to commit some of the leak fixes I've been working on to the 2.44 branch due to concern that would destabilise ld. All of the reported leaks in this bugzilla have been fixed on binutils master."

Remediation

There is no fixed version for Debian:12 binutils.

References

Memory Leak vulnerability report

low severity

Memory Leak

  • Vulnerable module: binutils
  • Introduced through: binutils@2.40-2, binutils/binutils-common@2.40-2 and others

Detailed paths

  • Introduced through: node@latest binutils@2.40-2
  • Introduced through: node@latest binutils/binutils-common@2.40-2
  • Introduced through: node@latest binutils/binutils-x86-64-linux-gnu@2.40-2
  • Introduced through: node@latest binutils/libbinutils@2.40-2
  • Introduced through: node@latest binutils/libctf-nobfd0@2.40-2
  • Introduced through: node@latest binutils/libctf0@2.40-2
  • Introduced through: node@latest binutils/libgprofng0@2.40-2

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A vulnerability was found in GNU Binutils 2.43 and classified as problematic. Affected by this issue is the function link_order_scan of the file ld/ldelfgen.c of the component ld. The manipulation leads to memory leak. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The code maintainer explains: "I'm not going to commit some of the leak fixes I've been working on to the 2.44 branch due to concern that would destabilise ld. All of the reported leaks in this bugzilla have been fixed on binutils master."

Remediation

There is no fixed version for Debian:12 binutils.

References

Memory Leak vulnerability report

low severity

Memory Leak

  • Vulnerable module: binutils
  • Introduced through: binutils@2.40-2, binutils/binutils-common@2.40-2 and others

Detailed paths

  • Introduced through: node@latest binutils@2.40-2
  • Introduced through: node@latest binutils/binutils-common@2.40-2
  • Introduced through: node@latest binutils/binutils-x86-64-linux-gnu@2.40-2
  • Introduced through: node@latest binutils/libbinutils@2.40-2
  • Introduced through: node@latest binutils/libctf-nobfd0@2.40-2
  • Introduced through: node@latest binutils/libctf0@2.40-2
  • Introduced through: node@latest binutils/libgprofng0@2.40-2

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A vulnerability was found in GNU Binutils 2.43. It has been rated as problematic. This issue affects the function xmemdup of the file xmemdup.c of the component ld. The manipulation leads to memory leak. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The code maintainer explains: "I'm not going to commit some of the leak fixes I've been working on to the 2.44 branch due to concern that would destabilise ld. All of the reported leaks in this bugzilla have been fixed on binutils master."

Remediation

There is no fixed version for Debian:12 binutils.

References

Memory Leak vulnerability report

low severity

Out-of-Bounds

  • Vulnerable module: binutils
  • Introduced through: binutils@2.40-2, binutils/binutils-common@2.40-2 and others

Detailed paths

  • Introduced through: node@latest binutils@2.40-2
  • Introduced through: node@latest binutils/binutils-common@2.40-2
  • Introduced through: node@latest binutils/binutils-x86-64-linux-gnu@2.40-2
  • Introduced through: node@latest binutils/libbinutils@2.40-2
  • Introduced through: node@latest binutils/libctf-nobfd0@2.40-2
  • Introduced through: node@latest binutils/libctf0@2.40-2
  • Introduced through: node@latest binutils/libgprofng0@2.40-2

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A vulnerability classified as problematic has been found in GNU Binutils 2.43. This affects the function _bfd_elf_write_section_eh_frame of the file bfd/elf-eh-frame.c of the component ld. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue.

Remediation

There is no fixed version for Debian:12 binutils.

References

Out-of-Bounds vulnerability report

low severity

Access of Resource Using Incompatible Type ('Type Confusion')

  • Vulnerable module: libxslt/libxslt1-dev
  • Introduced through: libxslt/libxslt1-dev@1.1.35-1+deb12u3 and libxslt/libxslt1.1@1.1.35-1+deb12u3

Detailed paths

  • Introduced through: node@latest libxslt/libxslt1-dev@1.1.35-1+deb12u3
  • Introduced through: node@latest libxslt/libxslt1.1@1.1.35-1+deb12u3

NVD Description

Note: Versions mentioned in the description apply only to the upstream libxslt package and not the libxslt package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A flaw was found in the exsltFuncResultComp() function of libxslt, which handles EXSLT <func:result> elements during stylesheet parsing. Due to improper type handling, the function may treat an XML document node as a regular XML element node, resulting in a type confusion. This can cause unexpected memory reads and potential crashes. While difficult to exploit, the flaw could lead to application instability or denial of service.

Remediation

There is no fixed version for Debian:12 libxslt.

References

Access of Resource Using Incompatible Type ('Type Confusion') vulnerability report

low severity
new

Resource Exhaustion

  • Vulnerable module: libxml2
  • Introduced through: libxml2@2.9.14+dfsg-1.3~deb12u5 and libxml2/libxml2-dev@2.9.14+dfsg-1.3~deb12u5

Detailed paths

  • Introduced through: node@latest libxml2@2.9.14+dfsg-1.3~deb12u5
  • Introduced through: node@latest libxml2/libxml2-dev@2.9.14+dfsg-1.3~deb12u5

NVD Description

Note: Versions mentioned in the description apply only to the upstream libxml2 package and not the libxml2 package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A flaw was found in the libxml2 library. This uncontrolled resource consumption vulnerability occurs when processing XML catalogs that contain repeated <nextCatalog> elements pointing to the same downstream catalog. A remote attacker can exploit this by supplying crafted catalogs, causing the parser to redundantly traverse catalog chains. This leads to excessive CPU consumption and degrades application availability, resulting in a denial-of-service condition.

Remediation

There is no fixed version for Debian:12 libxml2.

References

Resource Exhaustion vulnerability report

low severity

Improper Resource Shutdown or Release

  • Vulnerable module: tiff/libtiff-dev
  • Introduced through: tiff/libtiff-dev@4.5.0-6+deb12u3, tiff/libtiff6@4.5.0-6+deb12u3 and others

Detailed paths

  • Introduced through: node@latest tiff/libtiff-dev@4.5.0-6+deb12u3
  • Introduced through: node@latest tiff/libtiff6@4.5.0-6+deb12u3
  • Introduced through: node@latest tiff/libtiffxx6@4.5.0-6+deb12u3

NVD Description

Note: Versions mentioned in the description apply only to the upstream tiff package and not the tiff package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as problematic. Affected by this vulnerability is the function t2p_read_tiff_init of the file tools/tiff2pdf.c of the component fax2ps. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The complexity of an attack is rather high. The exploitation appears to be difficult. The patch is named 2ebfffb0e8836bfb1cd7d85c059cd285c59761a4. It is recommended to apply a patch to fix this issue.

Remediation

There is no fixed version for Debian:12 tiff.

References

Improper Resource Shutdown or Release vulnerability report

low severity

Improper Resource Shutdown or Release

  • Vulnerable module: tiff/libtiff-dev
  • Introduced through: tiff/libtiff-dev@4.5.0-6+deb12u3, tiff/libtiff6@4.5.0-6+deb12u3 and others

Detailed paths

  • Introduced through: node@latest tiff/libtiff-dev@4.5.0-6+deb12u3
  • Introduced through: node@latest tiff/libtiff6@4.5.0-6+deb12u3
  • Introduced through: node@latest tiff/libtiffxx6@4.5.0-6+deb12u3

NVD Description

Note: Versions mentioned in the description apply only to the upstream tiff package and not the tiff package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A vulnerability classified as problematic was found in libtiff 4.6.0. This vulnerability affects the function PS_Lvl2page of the file tools/tiff2ps.c of the component tiff2ps. The manipulation leads to null pointer dereference. It is possible to launch the attack on the local host. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The name of the patch is 6ba36f159fd396ad11bf6b7874554197736ecc8b. It is recommended to apply a patch to fix this issue. One of the maintainers explains, that "[t]his error only occurs if DEFER_STRILE_LOAD (defer-strile-load:BOOL=ON) or TIFFOpen( .. "rD") option is used."

Remediation

There is no fixed version for Debian:12 tiff.

References

Improper Resource Shutdown or Release vulnerability report

low severity

Memory Leak

  • Vulnerable module: tiff/libtiff-dev
  • Introduced through: tiff/libtiff-dev@4.5.0-6+deb12u3, tiff/libtiff6@4.5.0-6+deb12u3 and others

Detailed paths

  • Introduced through: node@latest tiff/libtiff-dev@4.5.0-6+deb12u3
  • Introduced through: node@latest tiff/libtiff6@4.5.0-6+deb12u3
  • Introduced through: node@latest tiff/libtiffxx6@4.5.0-6+deb12u3

NVD Description

Note: Versions mentioned in the description apply only to the upstream tiff package and not the tiff package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A flaw has been found in LibTIFF 4.7.0. This affects the function _TIFFmallocExt/_TIFFCheckRealloc/TIFFHashSetNew/InitCCITTFax3 of the file tools/tiffcmp.c of the component tiffcmp. Executing manipulation can lead to memory leak. The attack is restricted to local execution. This attack is characterized by high complexity. It is indicated that the exploitability is difficult. The exploit has been published and may be used. There is ongoing doubt regarding the real existence of this vulnerability. This patch is called ed141286a37f6e5ddafb5069347ff5d587e7a4e0. It is best practice to apply a patch to resolve this issue. A researcher disputes the security impact of this issue, because "this is a memory leak on a command line tool that is about to exit anyway". In the reply the project maintainer declares this issue as "a simple 'bug' when leaving the command line tool and (...) not a security issue at all".

Remediation

There is no fixed version for Debian:12 tiff.

References

Memory Leak vulnerability report

low severity

CVE-2024-53589

  • Vulnerable module: binutils
  • Introduced through: binutils@2.40-2, binutils/binutils-common@2.40-2 and others

Detailed paths

  • Introduced through: node@latest binutils@2.40-2
  • Introduced through: node@latest binutils/binutils-common@2.40-2
  • Introduced through: node@latest binutils/binutils-x86-64-linux-gnu@2.40-2
  • Introduced through: node@latest binutils/libbinutils@2.40-2
  • Introduced through: node@latest binutils/libctf-nobfd0@2.40-2
  • Introduced through: node@latest binutils/libctf0@2.40-2
  • Introduced through: node@latest binutils/libgprofng0@2.40-2

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

GNU objdump 2.43 is vulnerable to Buffer Overflow in the BFD (Binary File Descriptor) library's handling of tekhex format files.

Remediation

There is no fixed version for Debian:12 binutils.

References

CVE-2024-53589 vulnerability report

low severity

CVE-2024-57360

  • Vulnerable module: binutils
  • Introduced through: binutils@2.40-2, binutils/binutils-common@2.40-2 and others

Detailed paths

  • Introduced through: node@latest binutils@2.40-2
  • Introduced through: node@latest binutils/binutils-common@2.40-2
  • Introduced through: node@latest binutils/binutils-x86-64-linux-gnu@2.40-2
  • Introduced through: node@latest binutils/libbinutils@2.40-2
  • Introduced through: node@latest binutils/libctf-nobfd0@2.40-2
  • Introduced through: node@latest binutils/libctf0@2.40-2
  • Introduced through: node@latest binutils/libgprofng0@2.40-2

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

https://www.gnu.org/software/binutils/ nm >=2.43 is affected by: Incorrect Access Control. The type of exploitation is: local. The component is: nm --without-symbol-version function.

Remediation

There is no fixed version for Debian:12 binutils.

References

CVE-2024-57360 vulnerability report

low severity
new

CVE-2025-66861

  • Vulnerable module: binutils
  • Introduced through: binutils@2.40-2, binutils/binutils-common@2.40-2 and others

Detailed paths

  • Introduced through: node@latest binutils@2.40-2
  • Introduced through: node@latest binutils/binutils-common@2.40-2
  • Introduced through: node@latest binutils/binutils-x86-64-linux-gnu@2.40-2
  • Introduced through: node@latest binutils/libbinutils@2.40-2
  • Introduced through: node@latest binutils/libctf-nobfd0@2.40-2
  • Introduced through: node@latest binutils/libctf0@2.40-2
  • Introduced through: node@latest binutils/libgprofng0@2.40-2

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

An issue was discovered in function d_unqualified_name in file cp-demangle.c in BinUtils 2.26 allowing attackers to cause a denial of service via crafted PE file.

Remediation

There is no fixed version for Debian:12 binutils.

References

CVE-2025-66861 vulnerability report

low severity
new

CVE-2025-66862

  • Vulnerable module: binutils
  • Introduced through: binutils@2.40-2, binutils/binutils-common@2.40-2 and others

Detailed paths

  • Introduced through: node@latest binutils@2.40-2
  • Introduced through: node@latest binutils/binutils-common@2.40-2
  • Introduced through: node@latest binutils/binutils-x86-64-linux-gnu@2.40-2
  • Introduced through: node@latest binutils/libbinutils@2.40-2
  • Introduced through: node@latest binutils/libctf-nobfd0@2.40-2
  • Introduced through: node@latest binutils/libctf0@2.40-2
  • Introduced through: node@latest binutils/libgprofng0@2.40-2

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A buffer overflow vulnerability in function gnu_special in file cplus-dem.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file.

Remediation

There is no fixed version for Debian:12 binutils.

References

CVE-2025-66862 vulnerability report

low severity
new

CVE-2025-66863

  • Vulnerable module: binutils
  • Introduced through: binutils@2.40-2, binutils/binutils-common@2.40-2 and others

Detailed paths

  • Introduced through: node@latest binutils@2.40-2
  • Introduced through: node@latest binutils/binutils-common@2.40-2
  • Introduced through: node@latest binutils/binutils-x86-64-linux-gnu@2.40-2
  • Introduced through: node@latest binutils/libbinutils@2.40-2
  • Introduced through: node@latest binutils/libctf-nobfd0@2.40-2
  • Introduced through: node@latest binutils/libctf0@2.40-2
  • Introduced through: node@latest binutils/libgprofng0@2.40-2

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

An issue was discovered in function d_discriminator in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file.

Remediation

There is no fixed version for Debian:12 binutils.

References

CVE-2025-66863 vulnerability report

low severity
new

CVE-2025-66865

  • Vulnerable module: binutils
  • Introduced through: binutils@2.40-2, binutils/binutils-common@2.40-2 and others

Detailed paths

  • Introduced through: node@latest binutils@2.40-2
  • Introduced through: node@latest binutils/binutils-common@2.40-2
  • Introduced through: node@latest binutils/binutils-x86-64-linux-gnu@2.40-2
  • Introduced through: node@latest binutils/libbinutils@2.40-2
  • Introduced through: node@latest binutils/libctf-nobfd0@2.40-2
  • Introduced through: node@latest binutils/libctf0@2.40-2
  • Introduced through: node@latest binutils/libgprofng0@2.40-2

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

An issue was discovered in function d_print_comp_inner in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file.

Remediation

There is no fixed version for Debian:12 binutils.

References

CVE-2025-66865 vulnerability report

low severity

Reachable Assertion

  • Vulnerable module: cairo/libcairo-gobject2
  • Introduced through: cairo/libcairo-gobject2@1.16.0-7, cairo/libcairo-script-interpreter2@1.16.0-7 and others

Detailed paths

  • Introduced through: node@latest cairo/libcairo-gobject2@1.16.0-7
  • Introduced through: node@latest cairo/libcairo-script-interpreter2@1.16.0-7
  • Introduced through: node@latest cairo/libcairo2@1.16.0-7
  • Introduced through: node@latest cairo/libcairo2-dev@1.16.0-7

NVD Description

Note: Versions mentioned in the description apply only to the upstream cairo package and not the cairo package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

Cairo through 1.18.4, as used in Poppler through 25.08.0, has an "unscaled->face == NULL" assertion failure for _cairo_ft_unscaled_font_fini in cairo-ft-font.c.

Remediation

There is no fixed version for Debian:12 cairo.

References

Reachable Assertion vulnerability report

low severity

Buffer Overflow

  • Vulnerable module: curl
  • Introduced through: curl@7.88.1-10+deb12u14, curl/libcurl3-gnutls@7.88.1-10+deb12u14 and others

Detailed paths

  • Introduced through: node@latest curl@7.88.1-10+deb12u14
  • Introduced through: node@latest curl/libcurl3-gnutls@7.88.1-10+deb12u14
  • Introduced through: node@latest curl/libcurl4@7.88.1-10+deb12u14
  • Introduced through: node@latest curl/libcurl4-openssl-dev@7.88.1-10+deb12u14

NVD Description

Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the CURLOPT_ACCEPT_ENCODING option, using zlib 1.2.0.3 or older, an attacker-controlled integer overflow would make libcurl perform a buffer overflow.

Remediation

There is no fixed version for Debian:12 curl.

References

Buffer Overflow vulnerability report

low severity

CVE-2025-10148

  • Vulnerable module: curl
  • Introduced through: curl@7.88.1-10+deb12u14, curl/libcurl3-gnutls@7.88.1-10+deb12u14 and others

Detailed paths

  • Introduced through: node@latest curl@7.88.1-10+deb12u14
  • Introduced through: node@latest curl/libcurl3-gnutls@7.88.1-10+deb12u14
  • Introduced through: node@latest curl/libcurl4@7.88.1-10+deb12u14
  • Introduced through: node@latest curl/libcurl4-openssl-dev@7.88.1-10+deb12u14

NVD Description

Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

curl's websocket code did not update the 32 bit mask pattern for each new outgoing frame as the specification says. Instead it used a fixed mask that persisted and was used throughout the entire connection.

A predictable mask pattern allows for a malicious server to induce traffic between the two communicating parties that could be interpreted by an involved proxy (configured or transparent) as genuine, real, HTTP traffic with content and thereby poison its cache. That cached poisoned content could then be served to all users of that proxy.

Remediation

There is no fixed version for Debian:12 curl.

References

CVE-2025-10148 vulnerability report

low severity

CVE-2025-10966

  • Vulnerable module: curl
  • Introduced through: curl@7.88.1-10+deb12u14, curl/libcurl3-gnutls@7.88.1-10+deb12u14 and others

Detailed paths

  • Introduced through: node@latest curl@7.88.1-10+deb12u14
  • Introduced through: node@latest curl/libcurl3-gnutls@7.88.1-10+deb12u14
  • Introduced through: node@latest curl/libcurl4@7.88.1-10+deb12u14
  • Introduced through: node@latest curl/libcurl4-openssl-dev@7.88.1-10+deb12u14

NVD Description

Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

curl's code for managing SSH connections when SFTP was done using the wolfSSH powered backend was flawed and missed host verification mechanisms.

This prevents curl from detecting MITM attackers and more.

Remediation

There is no fixed version for Debian:12 curl.

References

CVE-2025-10966 vulnerability report

low severity
new

CVE-2025-14017

  • Vulnerable module: curl
  • Introduced through: curl@7.88.1-10+deb12u14, curl/libcurl3-gnutls@7.88.1-10+deb12u14 and others

Detailed paths

  • Introduced through: node@latest curl@7.88.1-10+deb12u14
  • Introduced through: node@latest curl/libcurl3-gnutls@7.88.1-10+deb12u14
  • Introduced through: node@latest curl/libcurl4@7.88.1-10+deb12u14
  • Introduced through: node@latest curl/libcurl4-openssl-dev@7.88.1-10+deb12u14

NVD Description

Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

When doing multi-threaded LDAPS transfers (LDAP over TLS) with libcurl, changing TLS options in one thread would inadvertently change them globally and therefore possibly also affect other concurrently setup transfers.

Disabling certificate verification for a specific transfer could unintentionally disable the feature for other threads as well.

Remediation

There is no fixed version for Debian:12 curl.

References

CVE-2025-14017 vulnerability report

low severity
new

CVE-2025-14819

  • Vulnerable module: curl
  • Introduced through: curl@7.88.1-10+deb12u14, curl/libcurl3-gnutls@7.88.1-10+deb12u14 and others

Detailed paths

  • Introduced through: node@latest curl@7.88.1-10+deb12u14
  • Introduced through: node@latest curl/libcurl3-gnutls@7.88.1-10+deb12u14
  • Introduced through: node@latest curl/libcurl4@7.88.1-10+deb12u14
  • Introduced through: node@latest curl/libcurl4-openssl-dev@7.88.1-10+deb12u14

NVD Description

Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

When doing TLS related transfers with reused easy or multi handles and altering the CURLSSLOPT_NO_PARTIALCHAIN option, libcurl could accidentally reuse a CA store cached in memory for which the partial chain option was reversed. Contrary to the user's wishes and expectations. This could make libcurl find and accept a trust chain that it otherwise would not.

Remediation

There is no fixed version for Debian:12 curl.

References

CVE-2025-14819 vulnerability report

low severity
new

CVE-2025-15079

  • Vulnerable module: curl
  • Introduced through: curl@7.88.1-10+deb12u14, curl/libcurl3-gnutls@7.88.1-10+deb12u14 and others

Detailed paths

  • Introduced through: node@latest curl@7.88.1-10+deb12u14
  • Introduced through: node@latest curl/libcurl3-gnutls@7.88.1-10+deb12u14
  • Introduced through: node@latest curl/libcurl4@7.88.1-10+deb12u14
  • Introduced through: node@latest curl/libcurl4-openssl-dev@7.88.1-10+deb12u14

NVD Description

Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

When doing SSH-based transfers using either SCP or SFTP, and setting the known_hosts file, libcurl could still mistakenly accept connecting to hosts not present in the specified file if they were added as recognized in the libssh global known_hosts file.

Remediation

There is no fixed version for Debian:12 curl.

References

CVE-2025-15079 vulnerability report

low severity
new

CVE-2025-15224

  • Vulnerable module: curl
  • Introduced through: curl@7.88.1-10+deb12u14, curl/libcurl3-gnutls@7.88.1-10+deb12u14 and others

Detailed paths

  • Introduced through: node@latest curl@7.88.1-10+deb12u14
  • Introduced through: node@latest curl/libcurl3-gnutls@7.88.1-10+deb12u14
  • Introduced through: node@latest curl/libcurl4@7.88.1-10+deb12u14
  • Introduced through: node@latest curl/libcurl4-openssl-dev@7.88.1-10+deb12u14

NVD Description

Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

When doing SSH-based transfers using either SCP or SFTP, and asked to do public key authentication, curl would wrongly still ask and authenticate using a locally running SSH agent.

Remediation

There is no fixed version for Debian:12 curl.

References

CVE-2025-15224 vulnerability report

low severity

Improper Certificate Validation

  • Vulnerable module: curl
  • Introduced through: curl@7.88.1-10+deb12u14, curl/libcurl3-gnutls@7.88.1-10+deb12u14 and others

Detailed paths

  • Introduced through: node@latest curl@7.88.1-10+deb12u14
  • Introduced through: node@latest curl/libcurl3-gnutls@7.88.1-10+deb12u14
  • Introduced through: node@latest curl/libcurl4@7.88.1-10+deb12u14
  • Introduced through: node@latest curl/libcurl4-openssl-dev@7.88.1-10+deb12u14

NVD Description

Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an unknown/bad cipher or curve, the error path accidentally skips the verification and returns OK, thus ignoring any certificate problems.

Remediation

There is no fixed version for Debian:12 curl.

References

Improper Certificate Validation vulnerability report

low severity
new

Open Redirect

  • Vulnerable module: curl
  • Introduced through: curl@7.88.1-10+deb12u14, curl/libcurl3-gnutls@7.88.1-10+deb12u14 and others

Detailed paths

  • Introduced through: node@latest curl@7.88.1-10+deb12u14
  • Introduced through: node@latest curl/libcurl3-gnutls@7.88.1-10+deb12u14
  • Introduced through: node@latest curl/libcurl4@7.88.1-10+deb12u14
  • Introduced through: node@latest curl/libcurl4-openssl-dev@7.88.1-10+deb12u14

NVD Description

Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

When an OAuth2 bearer token is used for an HTTP(S) transfer, and that transfer performs a cross-protocol redirect to a second URL that uses an IMAP, LDAP, POP3 or SMTP scheme, curl might wrongly pass on the bearer token to the new target host.

Remediation

There is no fixed version for Debian:12 curl.

References

Open Redirect vulnerability report

low severity

CVE-2025-6297

  • Vulnerable module: dpkg
  • Introduced through: dpkg@1.21.22, dpkg/dpkg-dev@1.21.22 and others

Detailed paths

  • Introduced through: node@latest dpkg@1.21.22
  • Introduced through: node@latest dpkg/dpkg-dev@1.21.22
  • Introduced through: node@latest dpkg/libdpkg-perl@1.21.22

NVD Description

Note: Versions mentioned in the description apply only to the upstream dpkg package and not the dpkg package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary directory, which is documented as being a safe operation even on untrusted data. This may result in leaving temporary files behind on cleanup. Given automated and repeated execution of dpkg-deb commands on adversarial .deb packages or with well compressible files, placed inside a directory with permissions not allowing removal by a non-root user, this can end up in a DoS scenario due to causing disk quota exhaustion or disk full conditions.

Remediation

There is no fixed version for Debian:12 dpkg.

References

CVE-2025-6297 vulnerability report

low severity

CVE-2024-25260

  • Vulnerable module: elfutils/libelf1
  • Introduced through: elfutils/libelf1@0.188-2.1

Detailed paths

  • Introduced through: node@latest elfutils/libelf1@0.188-2.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream elfutils package and not the elfutils package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

elfutils v0.189 was discovered to contain a NULL pointer dereference via the handle_verdef() function at readelf.c.

Remediation

There is no fixed version for Debian:12 elfutils.

References

CVE-2024-25260 vulnerability report

low severity

Allocation of Resources Without Limits or Throttling

  • Vulnerable module: expat/libexpat1
  • Introduced through: expat/libexpat1@2.5.0-1+deb12u2 and expat/libexpat1-dev@2.5.0-1+deb12u2

Detailed paths

  • Introduced through: node@latest expat/libexpat1@2.5.0-1+deb12u2
  • Introduced through: node@latest expat/libexpat1-dev@2.5.0-1+deb12u2

NVD Description

Note: Versions mentioned in the description apply only to the upstream expat package and not the expat package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing.

Remediation

There is no fixed version for Debian:12 expat.

References

Allocation of Resources Without Limits or Throttling vulnerability report

low severity

Arbitrary Argument Injection

  • Vulnerable module: git
  • Introduced through: git@1:2.39.5-0+deb12u3 and git/git-man@1:2.39.5-0+deb12u3

Detailed paths

  • Introduced through: node@latest git@1:2.39.5-0+deb12u3
  • Introduced through: node@latest git/git-man@1:2.39.5-0+deb12u3

NVD Description

Note: Versions mentioned in the description apply only to the upstream git package and not the git package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

Git GUI allows you to use the Git source control management tools via a GUI. When a user clones an untrusted repository and is tricked into editing a file located in a maliciously named directory in the repository, then Git GUI can create and overwrite files for which the user has write permission. This vulnerability is fixed in 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50.1.

Remediation

There is no fixed version for Debian:12 git.

References

Arbitrary Argument Injection vulnerability report

low severity

External Control of File Name or Path

  • Vulnerable module: git
  • Introduced through: git@1:2.39.5-0+deb12u3 and git/git-man@1:2.39.5-0+deb12u3

Detailed paths

  • Introduced through: node@latest git@1:2.39.5-0+deb12u3
  • Introduced through: node@latest git/git-man@1:2.39.5-0+deb12u3

NVD Description

Note: Versions mentioned in the description apply only to the upstream git package and not the git package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When cloning a repository Git knows to optionally fetch a bundle advertised by the remote server, which allows the server-side to offload parts of the clone to a CDN. The Git client does not perform sufficient validation of the advertised bundles, which allows the remote side to perform protocol injection. This protocol injection can cause the client to write the fetched bundle to a location controlled by the adversary. The fetched content is fully controlled by the server, which can in the worst case lead to arbitrary code execution. The use of bundle URIs is not enabled by default and can be controlled by the bundle.heuristic config option. Some cases of the vulnerability require that the adversary is in control of where a repository will be cloned to. This either requires social engineering or a recursive clone with submodules. These cases can thus be avoided by disabling recursive clones. This vulnerability is fixed in v2.43.7, v2.44.4, v2.45.4, v2.46.4, v2.47.3, v2.48.2, v2.49.1, and v2.50.1.

Remediation

There is no fixed version for Debian:12 git.

References

External Control of File Name or Path vulnerability report

low severity

Link Following

  • Vulnerable module: git
  • Introduced through: git@1:2.39.5-0+deb12u3 and git/git-man@1:2.39.5-0+deb12u3

Detailed paths

  • Introduced through: node@latest git@1:2.39.5-0+deb12u3
  • Introduced through: node@latest git/git-man@1:2.39.5-0+deb12u3

NVD Description

Note: Versions mentioned in the description apply only to the upstream git package and not the git package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When reading a config value, Git strips any trailing carriage return and line feed (CRLF). When writing a config entry, values with a trailing CR are not quoted, causing the CR to be lost when the config is later read. When initializing a submodule, if the submodule path contains a trailing CR, the altered path is read resulting in the submodule being checked out to an incorrect location. If a symlink exists that points the altered path to the submodule hooks directory, and the submodule contains an executable post-checkout hook, the script may be unintentionally executed after checkout. This vulnerability is fixed in v2.43.7, v2.44.4, v2.45.4, v2.46.4, v2.47.3, v2.48.2, v2.49.1, and v2.50.1.

Remediation

There is no fixed version for Debian:12 git.

References

Link Following vulnerability report

low severity

OS Command Injection

  • Vulnerable module: git
  • Introduced through: git@1:2.39.5-0+deb12u3 and git/git-man@1:2.39.5-0+deb12u3

Detailed paths

  • Introduced through: node@latest git@1:2.39.5-0+deb12u3
  • Introduced through: node@latest git/git-man@1:2.39.5-0+deb12u3

NVD Description

Note: Versions mentioned in the description apply only to the upstream git package and not the git package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

Gitk is a Tcl/Tk based Git history browser. Starting with 1.7.0, when a user clones an untrusted repository and runs gitk without additional command arguments, files for which the user has write permission can be created and truncated. The option Support per-file encoding must have been enabled before in Gitk's Preferences. This option is disabled by default. The same happens when Show origin of this line is used in the main window (regardless of whether Support per-file encoding is enabled or not). This vulnerability is fixed in 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50.1.

Remediation

There is no fixed version for Debian:12 git.

References

OS Command Injection vulnerability report

low severity
new

CVE-2026-0988

  • Vulnerable module: glib2.0/libglib2.0-0
  • Introduced through: glib2.0/libglib2.0-0@2.74.6-2+deb12u8, glib2.0/libglib2.0-bin@2.74.6-2+deb12u8 and others

Detailed paths

  • Introduced through: node@latest glib2.0/libglib2.0-0@2.74.6-2+deb12u8
  • Introduced through: node@latest glib2.0/libglib2.0-bin@2.74.6-2+deb12u8
  • Introduced through: node@latest glib2.0/libglib2.0-data@2.74.6-2+deb12u8
  • Introduced through: node@latest glib2.0/libglib2.0-dev@2.74.6-2+deb12u8
  • Introduced through: node@latest glib2.0/libglib2.0-dev-bin@2.74.6-2+deb12u8

NVD Description

This vulnerability has not been analyzed by NVD yet.

Remediation

There is no fixed version for Debian:12 glib2.0.

References

CVE-2026-0988 vulnerability report

low severity
new

CVE-2026-0861

  • Vulnerable module: glibc/libc-bin
  • Introduced through: glibc/libc-bin@2.36-9+deb12u13, glibc/libc-dev-bin@2.36-9+deb12u13 and others

Detailed paths

  • Introduced through: node@latest glibc/libc-bin@2.36-9+deb12u13
  • Introduced through: node@latest glibc/libc-dev-bin@2.36-9+deb12u13
  • Introduced through: node@latest glibc/libc6@2.36-9+deb12u13
  • Introduced through: node@latest glibc/libc6-dev@2.36-9+deb12u13

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

Passing too large an alignment to the memalign suite of functions (memalign, posix_memalign, aligned_alloc) in the GNU C Library version 2.30 to 2.42 may result in an integer overflow, which could consequently result in a heap corruption.

Note that the attacker must have control over both, the size as well as the alignment arguments of the memalign function to be able to exploit this. The size parameter must be close enough to PTRDIFF_MAX so as to overflow size_t along with the large alignment argument. This limits the malicious inputs for the alignment for memalign to the range [1<<62+ 1, 1<<63] and exactly 1<<63 for posix_memalign and aligned_alloc.

Typically the alignment argument passed to such functions is a known constrained quantity (e.g. page size, block size, struct sizes) and is not attacker controlled, because of which this may not be easily exploitable in practice. An application bug could potentially result in the input alignment being too large, e.g. due to a different buffer overflow or integer overflow in the application or its dependent libraries, but that is again an uncommon usage pattern given typical sources of alignments.

Remediation

There is no fixed version for Debian:12 glibc.

References

CVE-2026-0861 vulnerability report

low severity
new

CVE-2026-0915

  • Vulnerable module: glibc/libc-bin
  • Introduced through: glibc/libc-bin@2.36-9+deb12u13, glibc/libc-dev-bin@2.36-9+deb12u13 and others

Detailed paths

  • Introduced through: node@latest glibc/libc-bin@2.36-9+deb12u13
  • Introduced through: node@latest glibc/libc-dev-bin@2.36-9+deb12u13
  • Introduced through: node@latest glibc/libc6@2.36-9+deb12u13
  • Introduced through: node@latest glibc/libc6-dev@2.36-9+deb12u13

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

Calling getnetbyaddr or getnetbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend for networks and queries for a zero-valued network in the GNU C Library version 2.0 to version 2.42 can leak stack contents to the configured DNS resolver.

Remediation

There is no fixed version for Debian:12 glibc.

References

CVE-2026-0915 vulnerability report

low severity

CVE-2025-9820

  • Vulnerable module: gnutls28/libgnutls30
  • Introduced through: gnutls28/libgnutls30@3.7.9-2+deb12u5

Detailed paths

  • Introduced through: node@latest gnutls28/libgnutls30@3.7.9-2+deb12u5

NVD Description

This vulnerability has not been analyzed by NVD yet.

Remediation

There is no fixed version for Debian:12 gnutls28.

References

CVE-2025-9820 vulnerability report

low severity
new

NULL Pointer Dereference

  • Vulnerable module: harfbuzz/libharfbuzz0b
  • Introduced through: harfbuzz/libharfbuzz0b@6.0.0+dfsg-3

Detailed paths

  • Introduced through: node@latest harfbuzz/libharfbuzz0b@6.0.0+dfsg-3

NVD Description

Note: Versions mentioned in the description apply only to the upstream harfbuzz package and not the harfbuzz package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

HarfBuzz is a text shaping engine. Prior to version 12.3.0, a null pointer dereference vulnerability exists in the SubtableUnicodesCache::create function located in src/hb-ot-cmap-table.hh. The function fails to check if hb_malloc returns NULL before using placement new to construct an object at the returned pointer address. When hb_malloc fails to allocate memory (which can occur in low-memory conditions or when using custom allocators that simulate allocation failures), it returns NULL. The code then attempts to call the constructor on this null pointer using placement new syntax, resulting in undefined behavior and a Segmentation Fault. This issue has been patched in version 12.3.0.

Remediation

There is no fixed version for Debian:12 harfbuzz.

References

NULL Pointer Dereference vulnerability report

low severity

CVE-2024-26461

  • Vulnerable module: krb5/krb5-multidev
  • Introduced through: krb5/krb5-multidev@1.20.1-2+deb12u4, krb5/libgssapi-krb5-2@1.20.1-2+deb12u4 and others

Detailed paths

  • Introduced through: node@latest krb5/krb5-multidev@1.20.1-2+deb12u4
  • Introduced through: node@latest krb5/libgssapi-krb5-2@1.20.1-2+deb12u4
  • Introduced through: node@latest krb5/libgssrpc4@1.20.1-2+deb12u4
  • Introduced through: node@latest krb5/libk5crypto3@1.20.1-2+deb12u4
  • Introduced through: node@latest krb5/libkadm5clnt-mit12@1.20.1-2+deb12u4
  • Introduced through: node@latest krb5/libkadm5srv-mit12@1.20.1-2+deb12u4
  • Introduced through: node@latest krb5/libkdb5-10@1.20.1-2+deb12u4
  • Introduced through: node@latest krb5/libkrb5-3@1.20.1-2+deb12u4
  • Introduced through: node@latest krb5/libkrb5-dev@1.20.1-2+deb12u4
  • Introduced through: node@latest krb5/libkrb5support0@1.20.1-2+deb12u4

NVD Description

Note: Versions mentioned in the description apply only to the upstream krb5 package and not the krb5 package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c.

Remediation

There is no fixed version for Debian:12 krb5.

References

CVE-2024-26461 vulnerability report

low severity

Memory Leak

  • Vulnerable module: krb5/krb5-multidev
  • Introduced through: krb5/krb5-multidev@1.20.1-2+deb12u4, krb5/libgssapi-krb5-2@1.20.1-2+deb12u4 and others

Detailed paths

  • Introduced through: node@latest krb5/krb5-multidev@1.20.1-2+deb12u4
  • Introduced through: node@latest krb5/libgssapi-krb5-2@1.20.1-2+deb12u4
  • Introduced through: node@latest krb5/libgssrpc4@1.20.1-2+deb12u4
  • Introduced through: node@latest krb5/libk5crypto3@1.20.1-2+deb12u4
  • Introduced through: node@latest krb5/libkadm5clnt-mit12@1.20.1-2+deb12u4
  • Introduced through: node@latest krb5/libkadm5srv-mit12@1.20.1-2+deb12u4
  • Introduced through: node@latest krb5/libkdb5-10@1.20.1-2+deb12u4
  • Introduced through: node@latest krb5/libkrb5-3@1.20.1-2+deb12u4
  • Introduced through: node@latest krb5/libkrb5-dev@1.20.1-2+deb12u4
  • Introduced through: node@latest krb5/libkrb5support0@1.20.1-2+deb12u4

NVD Description

Note: Versions mentioned in the description apply only to the upstream krb5 package and not the krb5 package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmap_rmt.c.

Remediation

There is no fixed version for Debian:12 krb5.

References

Memory Leak vulnerability report

low severity

CVE-2025-29070

  • Vulnerable module: lcms2/liblcms2-2
  • Introduced through: lcms2/liblcms2-2@2.14-2 and lcms2/liblcms2-dev@2.14-2

Detailed paths

  • Introduced through: node@latest lcms2/liblcms2-2@2.14-2
  • Introduced through: node@latest lcms2/liblcms2-dev@2.14-2

NVD Description

Note: Versions mentioned in the description apply only to the upstream lcms2 package and not the lcms2 package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A heap buffer overflow vulnerability has been identified in thesmooth2() in cmsgamma.c in lcms2-2.16 which allows a remote attacker to cause a denial of service. NOTE: the Supplier disputes this because "this is not exploitable as this function is never called on normal color management, is there only as a helper for low-level programming and investigation."

Remediation

There is no fixed version for Debian:12 lcms2.

References

CVE-2025-29070 vulnerability report

low severity

CVE-2023-51792

  • Vulnerable module: libde265/libde265-0
  • Introduced through: libde265/libde265-0@1.0.11-1+deb12u2

Detailed paths

  • Introduced through: node@latest libde265/libde265-0@1.0.11-1+deb12u2

NVD Description

Note: Versions mentioned in the description apply only to the upstream libde265 package and not the libde265 package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

Buffer Overflow vulnerability in libde265 v1.0.12 allows a local attacker to cause a denial of service via the allocation size exceeding the maximum supported size of 0x10000000000.

Remediation

There is no fixed version for Debian:12 libde265.

References

CVE-2023-51792 vulnerability report

low severity

CVE-2024-38949

  • Vulnerable module: libde265/libde265-0
  • Introduced through: libde265/libde265-0@1.0.11-1+deb12u2

Detailed paths

  • Introduced through: node@latest libde265/libde265-0@1.0.11-1+deb12u2

NVD Description

Note: Versions mentioned in the description apply only to the upstream libde265 package and not the libde265 package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

Heap Buffer Overflow vulnerability in Libde265 v1.0.15 allows attackers to crash the application via crafted payload to display444as420 function at sdl.cc

Remediation

There is no fixed version for Debian:12 libde265.

References

CVE-2024-38949 vulnerability report

low severity

CVE-2024-38950

  • Vulnerable module: libde265/libde265-0
  • Introduced through: libde265/libde265-0@1.0.11-1+deb12u2

Detailed paths

  • Introduced through: node@latest libde265/libde265-0@1.0.11-1+deb12u2

NVD Description

Note: Versions mentioned in the description apply only to the upstream libde265 package and not the libde265 package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

Heap Buffer Overflow vulnerability in Libde265 v1.0.15 allows attackers to crash the application via crafted payload to __interceptor_memcpy function.

Remediation

There is no fixed version for Debian:12 libde265.

References

CVE-2024-38950 vulnerability report

low severity

Information Exposure

  • Vulnerable module: libgcrypt20
  • Introduced through: libgcrypt20@1.10.1-3

Detailed paths

  • Introduced through: node@latest libgcrypt20@1.10.1-3

NVD Description

Note: Versions mentioned in the description apply only to the upstream libgcrypt20 package and not the libgcrypt20 package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.

Remediation

There is no fixed version for Debian:12 libgcrypt20.

References

Information Exposure vulnerability report

low severity

CVE-2024-25269

  • Vulnerable module: libheif/libheif1
  • Introduced through: libheif/libheif1@1.15.1-1+deb12u1

Detailed paths

  • Introduced through: node@latest libheif/libheif1@1.15.1-1+deb12u1

NVD Description

Note: Versions mentioned in the description apply only to the upstream libheif package and not the libheif package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

libheif <= 1.17.6 contains a memory leak in the function JpegEncoder::Encode. This flaw allows an attacker to cause a denial of service attack.

Remediation

There is no fixed version for Debian:12 libheif.

References

CVE-2024-25269 vulnerability report

low severity
new

Out-of-bounds Read

  • Vulnerable module: libheif/libheif1
  • Introduced through: libheif/libheif1@1.15.1-1+deb12u1

Detailed paths

  • Introduced through: node@latest libheif/libheif1@1.15.1-1+deb12u1

NVD Description

Note: Versions mentioned in the description apply only to the upstream libheif package and not the libheif package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

libheif is an HEIF and AVIF file format decoder and encoder. Prior to version 1.21.0, a crafted HEIF that exercises the overlay image item path triggers a heap buffer over-read in HeifPixelImage::overlay(). The function computes a negative row length (likely from an unclipped overlay rectangle or invalid offsets), which then underflows when converted to size_t and is passed to memcpy, causing a very large read past the end of the source plane and a crash. Version 1.21.0 contains a patch. As a workaround, avoid decoding images using iovl overlay boxes.

Remediation

There is no fixed version for Debian:12 libheif.

References

Out-of-bounds Read vulnerability report

low severity
new

Out-of-bounds Read

  • Vulnerable module: libpng1.6/libpng-dev
  • Introduced through: libpng1.6/libpng-dev@1.6.39-2+deb12u1 and libpng1.6/libpng16-16@1.6.39-2+deb12u1

Detailed paths

  • Introduced through: node@latest libpng1.6/libpng-dev@1.6.39-2+deb12u1
  • Introduced through: node@latest libpng1.6/libpng16-16@1.6.39-2+deb12u1

NVD Description

Note: Versions mentioned in the description apply only to the upstream libpng1.6 package and not the libpng1.6 package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From 1.6.51 to 1.6.53, there is a heap buffer over-read in the libpng simplified API function png_image_finish_read when processing interlaced 16-bit PNGs with 8-bit output format and non-minimal row stride. This is a regression introduced by the fix for CVE-2025-65018. This vulnerability is fixed in 1.6.54.

Remediation

There is no fixed version for Debian:12 libpng1.6.

References

Out-of-bounds Read vulnerability report

low severity
new

Out-of-bounds Read

  • Vulnerable module: libpng1.6/libpng-dev
  • Introduced through: libpng1.6/libpng-dev@1.6.39-2+deb12u1 and libpng1.6/libpng16-16@1.6.39-2+deb12u1

Detailed paths

  • Introduced through: node@latest libpng1.6/libpng-dev@1.6.39-2+deb12u1
  • Introduced through: node@latest libpng1.6/libpng16-16@1.6.39-2+deb12u1

NVD Description

Note: Versions mentioned in the description apply only to the upstream libpng1.6 package and not the libpng1.6 package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From 1.6.26 to 1.6.53, there is an integer truncation in the libpng simplified write API functions png_write_image_16bit and png_write_image_8bit causes heap buffer over-read when the caller provides a negative row stride (for bottom-up image layouts) or a stride exceeding 65535 bytes. The bug was introduced in libpng 1.6.26 (October 2016) by casts added to silence compiler warnings on 16-bit systems. This vulnerability is fixed in 1.6.54.

Remediation

There is no fixed version for Debian:12 libpng1.6.

References

Out-of-bounds Read vulnerability report

low severity
new

CVE-2025-13151

  • Vulnerable module: libtasn1-6
  • Introduced through: libtasn1-6@4.19.0-2+deb12u1

Detailed paths

  • Introduced through: node@latest libtasn1-6@4.19.0-2+deb12u1

NVD Description

Note: Versions mentioned in the description apply only to the upstream libtasn1-6 package and not the libtasn1-6 package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

Stack-based buffer overflow in libtasn1 version: v4.20.0. The function fails to validate the size of input data resulting in a buffer overflow in asn1_expend_octet_string.

Remediation

There is no fixed version for Debian:12 libtasn1-6.

References

CVE-2025-13151 vulnerability report

low severity

Directory Traversal

  • Vulnerable module: mariadb/libmariadb-dev
  • Introduced through: mariadb/libmariadb-dev@1:10.11.14-0+deb12u2, mariadb/libmariadb-dev-compat@1:10.11.14-0+deb12u2 and others

Detailed paths

  • Introduced through: node@latest mariadb/libmariadb-dev@1:10.11.14-0+deb12u2
  • Introduced through: node@latest mariadb/libmariadb-dev-compat@1:10.11.14-0+deb12u2
  • Introduced through: node@latest mariadb/libmariadb3@1:10.11.14-0+deb12u2
  • Introduced through: node@latest mariadb/mariadb-common@1:10.11.14-0+deb12u2

NVD Description

Note: Versions mentioned in the description apply only to the upstream mariadb package and not the mariadb package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

MariaDB mariadb-dump Utility Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of MariaDB. Interaction with the mariadb-dump utility is required to exploit this vulnerability but attack vectors may vary depending on the implementation.

The specific flaw exists within the handling of view names. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-27000.

Remediation

There is no fixed version for Debian:12 mariadb.

References

Directory Traversal vulnerability report

low severity

CVE-2024-31047

  • Vulnerable module: openexr/libopenexr-3-1-30
  • Introduced through: openexr/libopenexr-3-1-30@3.1.5-5 and openexr/libopenexr-dev@3.1.5-5

Detailed paths

  • Introduced through: node@latest openexr/libopenexr-3-1-30@3.1.5-5
  • Introduced through: node@latest openexr/libopenexr-dev@3.1.5-5

NVD Description

Note: Versions mentioned in the description apply only to the upstream openexr package and not the openexr package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

An issue in Academy Software Foundation openexr v.3.2.3 and before allows a local attacker to cause a denial of service (DoS) via the convert function of exrmultipart.cpp.

Remediation

There is no fixed version for Debian:12 openexr.

References

CVE-2024-31047 vulnerability report

low severity
new

Heap-based Buffer Overflow

  • Vulnerable module: openexr/libopenexr-3-1-30
  • Introduced through: openexr/libopenexr-3-1-30@3.1.5-5 and openexr/libopenexr-dev@3.1.5-5

Detailed paths

  • Introduced through: node@latest openexr/libopenexr-3-1-30@3.1.5-5
  • Introduced through: node@latest openexr/libopenexr-dev@3.1.5-5

NVD Description

Note: Versions mentioned in the description apply only to the upstream openexr package and not the openexr package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Academy Software Foundation OpenEXR. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the parsing of EXR files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-27946.

Remediation

There is no fixed version for Debian:12 openexr.

References

Heap-based Buffer Overflow vulnerability report

low severity
new

Heap-based Buffer Overflow

  • Vulnerable module: openexr/libopenexr-3-1-30
  • Introduced through: openexr/libopenexr-3-1-30@3.1.5-5 and openexr/libopenexr-dev@3.1.5-5

Detailed paths

  • Introduced through: node@latest openexr/libopenexr-3-1-30@3.1.5-5
  • Introduced through: node@latest openexr/libopenexr-dev@3.1.5-5

NVD Description

Note: Versions mentioned in the description apply only to the upstream openexr package and not the openexr package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Academy Software Foundation OpenEXR. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the parsing of EXR files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-27948.

Remediation

There is no fixed version for Debian:12 openexr.

References

Heap-based Buffer Overflow vulnerability report

low severity
new

Heap-based Buffer Overflow

  • Vulnerable module: openexr/libopenexr-3-1-30
  • Introduced through: openexr/libopenexr-3-1-30@3.1.5-5 and openexr/libopenexr-dev@3.1.5-5

Detailed paths

  • Introduced through: node@latest openexr/libopenexr-3-1-30@3.1.5-5
  • Introduced through: node@latest openexr/libopenexr-dev@3.1.5-5

NVD Description

Note: Versions mentioned in the description apply only to the upstream openexr package and not the openexr package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Academy Software Foundation OpenEXR. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the parsing of EXR files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-27947.

Remediation

There is no fixed version for Debian:12 openexr.

References

Heap-based Buffer Overflow vulnerability report

low severity

Resource Exhaustion

  • Vulnerable module: openjpeg2/libopenjp2-7
  • Introduced through: openjpeg2/libopenjp2-7@2.5.0-2+deb12u2 and openjpeg2/libopenjp2-7-dev@2.5.0-2+deb12u2

Detailed paths

  • Introduced through: node@latest openjpeg2/libopenjp2-7@2.5.0-2+deb12u2
  • Introduced through: node@latest openjpeg2/libopenjp2-7-dev@2.5.0-2+deb12u2

NVD Description

Note: Versions mentioned in the description apply only to the upstream openjpeg2 package and not the openjpeg2 package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A flaw was found in OpenJPEG. Maliciously constructed pictures can cause the program to enter a large loop and continuously print warning messages on the terminal.

Remediation

There is no fixed version for Debian:12 openjpeg2.

References

Resource Exhaustion vulnerability report

low severity

Resource Exhaustion

  • Vulnerable module: openjpeg2/libopenjp2-7
  • Introduced through: openjpeg2/libopenjp2-7@2.5.0-2+deb12u2 and openjpeg2/libopenjp2-7-dev@2.5.0-2+deb12u2

Detailed paths

  • Introduced through: node@latest openjpeg2/libopenjp2-7@2.5.0-2+deb12u2
  • Introduced through: node@latest openjpeg2/libopenjp2-7-dev@2.5.0-2+deb12u2

NVD Description

Note: Versions mentioned in the description apply only to the upstream openjpeg2 package and not the openjpeg2 package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A flaw was found in OpenJPEG. A resource exhaustion can occur in the opj_t1_decode_cblks function in tcd.c through a crafted image file, causing a denial of service.

Remediation

There is no fixed version for Debian:12 openjpeg2.

References

Resource Exhaustion vulnerability report

low severity

Resource Exhaustion

  • Vulnerable module: openjpeg2/libopenjp2-7
  • Introduced through: openjpeg2/libopenjp2-7@2.5.0-2+deb12u2 and openjpeg2/libopenjp2-7-dev@2.5.0-2+deb12u2

Detailed paths

  • Introduced through: node@latest openjpeg2/libopenjp2-7@2.5.0-2+deb12u2
  • Introduced through: node@latest openjpeg2/libopenjp2-7-dev@2.5.0-2+deb12u2

NVD Description

Note: Versions mentioned in the description apply only to the upstream openjpeg2 package and not the openjpeg2 package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

A vulnerability was found in OpenJPEG similar to CVE-2019-6988. This flaw allows an attacker to bypass existing protections and cause an application crash through a maliciously crafted file.

Remediation

There is no fixed version for Debian:12 openjpeg2.

References

Resource Exhaustion vulnerability report

low severity
new

Out-of-bounds Read

  • Vulnerable module: openldap/libldap-2.5-0
  • Introduced through: openldap/libldap-2.5-0@2.5.13+dfsg-5

Detailed paths

  • Introduced through: node@latest openldap/libldap-2.5-0@2.5.13+dfsg-5

NVD Description

Note: Versions mentioned in the description apply only to the upstream openldap package and not the openldap package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

OpenLDAP Lightning Memory-Mapped Database (LMDB) versions up to and including 0.9.14, prior to commit 8e1fda8, contain a heap buffer underflow in the readline() function of mdb_load. When processing malformed input containing an embedded NUL byte, an unsigned offset calculation can underflow and cause an out-of-bounds read of one byte before the allocated heap buffer. This can cause mdb_load to crash, leading to a limited denial-of-service condition.

Remediation

There is no fixed version for Debian:12 openldap.

References

Out-of-bounds Read vulnerability report

low severity

Failure to Sanitize Special Element

  • Vulnerable module: openssh/openssh-client
  • Introduced through: openssh/openssh-client@1:9.2p1-2+deb12u7

Detailed paths

  • Introduced through: node@latest openssh/openssh-client@1:9.2p1-2+deb12u7

NVD Description

Note: Versions mentioned in the description apply only to the upstream openssh package and not the openssh package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file. (A configuration file that provides a complete literal username is not categorized as an untrusted source.)

Remediation

There is no fixed version for Debian:12 openssh.

References

Failure to Sanitize Special Element vulnerability report

low severity

Improper Neutralization of Null Byte or NUL Character

  • Vulnerable module: openssh/openssh-client
  • Introduced through: openssh/openssh-client@1:9.2p1-2+deb12u7

Detailed paths

  • Introduced through: node@latest openssh/openssh-client@1:9.2p1-2+deb12u7

NVD Description

Note: Versions mentioned in the description apply only to the upstream openssh package and not the openssh package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used.

Remediation

There is no fixed version for Debian:12 openssh.

References

Improper Neutralization of Null Byte or NUL Character vulnerability report

low severity

CVE-2025-27587

  • Vulnerable module: openssl
  • Introduced through: openssl@3.0.18-1~deb12u1, openssl/libssl-dev@3.0.18-1~deb12u1 and others

Detailed paths

  • Introduced through: node@latest openssl@3.0.18-1~deb12u1
  • Introduced through: node@latest openssl/libssl-dev@3.0.18-1~deb12u1
  • Introduced through: node@latest openssl/libssl3@3.0.18-1~deb12u1

NVD Description

Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

OpenSSL 3.0.0 through 3.3.2 on the PowerPC architecture is vulnerable to a Minerva attack, exploitable by measuring the time of signing of random messages using the EVP_DigestSign API, and then using the private key to extract the K value (nonce) from the signatures. Next, based on the bit size of the extracted nonce, one can compare the signing time of full-sized nonces to signatures that used smaller nonces, via statistical tests. There is a side-channel in the P-364 curve that allows private key extraction (also, there is a dependency between the bit size of K and the size of the side channel). NOTE: This CVE is disputed because the OpenSSL security policy explicitly notes that any side channels which require same physical system to be detected are outside of the threat model for the software. The timing signal is so small that it is infeasible to be detected without having the attacking process running on the same physical system.

Remediation

There is no fixed version for Debian:12 openssl.

References

CVE-2025-27587 vulnerability report

low severity

CVE-2025-4516

  • Vulnerable module: python3.11
  • Introduced through: python3.11@3.11.2-6+deb12u6, python3.11/libpython3.11-minimal@3.11.2-6+deb12u6 and others

Detailed paths

  • Introduced through: node@latest python3.11@3.11.2-6+deb12u6
  • Introduced through: node@latest python3.11/libpython3.11-minimal@3.11.2-6+deb12u6
  • Introduced through: node@latest python3.11/libpython3.11-stdlib@3.11.2-6+deb12u6
  • Introduced through: node@latest python3.11/python3.11-minimal@3.11.2-6+deb12u6

NVD Description

Note: Versions mentioned in the description apply only to the upstream python3.11 package and not the python3.11 package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

There is an issue in CPython when using bytes.decode(&#34;unicode_escape&#34;, error=&#34;ignore|replace&#34;). If you are not using the "unicode_escape" encoding or an error handler your usage is not affected. To work-around this issue you may stop using the error= handler and instead wrap the bytes.decode() call in a try-except catching the DecodeError.

Remediation

There is no fixed version for Debian:12 python3.11.

References

CVE-2025-4516 vulnerability report

low severity

CVE-2025-6069

  • Vulnerable module: python3.11
  • Introduced through: python3.11@3.11.2-6+deb12u6, python3.11/libpython3.11-minimal@3.11.2-6+deb12u6 and others

Detailed paths

  • Introduced through: node@latest python3.11@3.11.2-6+deb12u6
  • Introduced through: node@latest python3.11/libpython3.11-minimal@3.11.2-6+deb12u6
  • Introduced through: node@latest python3.11/libpython3.11-stdlib@3.11.2-6+deb12u6
  • Introduced through: node@latest python3.11/python3.11-minimal@3.11.2-6+deb12u6

NVD Description

Note: Versions mentioned in the description apply only to the upstream python3.11 package and not the python3.11 package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

The html.parser.HTMLParser class had worse-case quadratic complexity when processing certain crafted malformed inputs potentially leading to amplified denial-of-service.

Remediation

There is no fixed version for Debian:12 python3.11.

References

CVE-2025-6069 vulnerability report

low severity

CVE-2025-6075

  • Vulnerable module: python3.11
  • Introduced through: python3.11@3.11.2-6+deb12u6, python3.11/libpython3.11-minimal@3.11.2-6+deb12u6 and others

Detailed paths

  • Introduced through: node@latest python3.11@3.11.2-6+deb12u6
  • Introduced through: node@latest python3.11/libpython3.11-minimal@3.11.2-6+deb12u6
  • Introduced through: node@latest python3.11/libpython3.11-stdlib@3.11.2-6+deb12u6
  • Introduced through: node@latest python3.11/python3.11-minimal@3.11.2-6+deb12u6

NVD Description

Note: Versions mentioned in the description apply only to the upstream python3.11 package and not the python3.11 package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

If the value passed to os.path.expandvars() is user-controlled a performance degradation is possible when expanding environment variables.

Remediation

There is no fixed version for Debian:12 python3.11.

References

CVE-2025-6075 vulnerability report

low severity

CVE-2025-8194

  • Vulnerable module: python3.11
  • Introduced through: python3.11@3.11.2-6+deb12u6, python3.11/libpython3.11-minimal@3.11.2-6+deb12u6 and others

Detailed paths

  • Introduced through: node@latest python3.11@3.11.2-6+deb12u6
  • Introduced through: node@latest python3.11/libpython3.11-minimal@3.11.2-6+deb12u6
  • Introduced through: node@latest python3.11/libpython3.11-stdlib@3.11.2-6+deb12u6
  • Introduced through: node@latest python3.11/python3.11-minimal@3.11.2-6+deb12u6

NVD Description

Note: Versions mentioned in the description apply only to the upstream python3.11 package and not the python3.11 package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

There is a defect in the CPython “tarfile” module affecting the “TarFile” extraction and entry enumeration APIs. The tar implementation would process tar archives with negative offsets without error, resulting in an infinite loop and deadlock during the parsing of maliciously crafted tar archives.

This vulnerability can be mitigated by including the following patch after importing the “tarfile” module:  https://gist.github.com/sethmlarson/1716ac5b82b73dbcbf23ad2eff8b33e1

Remediation

There is no fixed version for Debian:12 python3.11.

References

CVE-2025-8194 vulnerability report

low severity

CVE-2025-8291

  • Vulnerable module: python3.11
  • Introduced through: python3.11@3.11.2-6+deb12u6, python3.11/libpython3.11-minimal@3.11.2-6+deb12u6 and others

Detailed paths

  • Introduced through: node@latest python3.11@3.11.2-6+deb12u6
  • Introduced through: node@latest python3.11/libpython3.11-minimal@3.11.2-6+deb12u6
  • Introduced through: node@latest python3.11/libpython3.11-stdlib@3.11.2-6+deb12u6
  • Introduced through: node@latest python3.11/python3.11-minimal@3.11.2-6+deb12u6

NVD Description

Note: Versions mentioned in the description apply only to the upstream python3.11 package and not the python3.11 package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory (EOCD) Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record would be assumed to be the previous record in the ZIP archive. This could be abused to create ZIP archives that are handled differently by the 'zipfile' module compared to other ZIP implementations.

Remediation maintains this behavior, but checks that the offset specified in the ZIP64 EOCD Locator record matches the expected value.

Remediation

There is no fixed version for Debian:12 python3.11.

References

CVE-2025-8291 vulnerability report

low severity

CVE-2024-56433

  • Vulnerable module: shadow/login
  • Introduced through: shadow/login@1:4.13+dfsg1-1+deb12u2 and shadow/passwd@1:4.13+dfsg1-1+deb12u2

Detailed paths

  • Introduced through: node@latest shadow/login@1:4.13+dfsg1-1+deb12u2
  • Introduced through: node@latest shadow/passwd@1:4.13+dfsg1-1+deb12u2

NVD Description

Note: Versions mentioned in the description apply only to the upstream shadow package and not the shadow package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

shadow-utils (aka shadow) 4.4 through 4.17.0 establishes a default /etc/subuid behavior (e.g., uid 100000 through 165535 for the first user account) that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by leveraging newuidmap for access to an NFS home directory (or same-host resources in the case of remote logins by these local network users). NOTE: it may also be argued that system administrators should not have assigned uids, within local networks, that are within the range that can occur in /etc/subuid.

Remediation

There is no fixed version for Debian:12 shadow.

References

CVE-2024-56433 vulnerability report

low severity

CVE-2025-7709

  • Vulnerable module: sqlite3/libsqlite3-0
  • Introduced through: sqlite3/libsqlite3-0@3.40.1-2+deb12u2 and sqlite3/libsqlite3-dev@3.40.1-2+deb12u2

Detailed paths

  • Introduced through: node@latest sqlite3/libsqlite3-0@3.40.1-2+deb12u2
  • Introduced through: node@latest sqlite3/libsqlite3-dev@3.40.1-2+deb12u2

NVD Description

Note: Versions mentioned in the description apply only to the upstream sqlite3 package and not the sqlite3 package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

An integer overflow exists in the FTS5 https://sqlite.org/fts5.html  extension. It occurs when the size of an array of tombstone pointers is calculated and truncated into a 32-bit integer. A pointer to partially controlled data can then be written out of bounds.

Remediation

There is no fixed version for Debian:12 sqlite3.

References

CVE-2025-7709 vulnerability report

low severity

Server-Side Request Forgery (SSRF)

  • Vulnerable module: wget
  • Introduced through: wget@1.21.3-1+deb12u1

Detailed paths

  • Introduced through: node@latest wget@1.21.3-1+deb12u1

NVD Description

Note: Versions mentioned in the description apply only to the upstream wget package and not the wget package as distributed by Debian. See How to fix? for Debian:12 relevant fixed versions and status.

Applications that use Wget to access a remote resource using shorthand URLs and pass arbitrary user credentials in the URL are vulnerable. In these cases attackers can enter crafted credentials which will cause Wget to access an arbitrary host.

Remediation

There is no fixed version for Debian:12 wget.

References

Server-Side Request Forgery (SSRF) vulnerability report