NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat.

Remediation

There is no fixed version for Debian:13 glibc.

References

• https://security-tracker.debian.org/tracker/CVE-2019-1010022
• https://sourceware.org/bugzilla/show_bug.cgi?id=22850
• https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3
• https://ubuntu.com/security/CVE-2019-1010022

NVD Description

Note: Versions mentioned in the description apply only to the upstream perl package and not the perl package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

Perl versions through 5.43.10 have a heap buffer overflow when compiling regular expressions with a repeated fixed string on 32-bit builds.

Perl_study_chunk in regcomp_study.c checked the size of the joined substring buffer in characters rather than bytes. For a quantified fixed substring with a large minimum count, the byte length mincount * l could overflow SSize_t, producing an undersized SvGROW allocation; the subsequent copy writes past the end of the buffer.

A caller that compiles an attacker-controlled regular expression on a 32-bit perl build triggers a heap buffer overflow at compile time.

Remediation

There is no fixed version for Debian:13 perl.

References

• https://security-tracker.debian.org/tracker/CVE-2026-8376
• https://github.com/Perl/perl5/commit/5e7f119eb2bb1181be908701f22bf7068e722f1c.patch
• http://www.openwall.com/lists/oss-security/2026/05/26/1

NVD Description

Note: Versions mentioned in the description apply only to the upstream tar package and not the tar package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges.

Remediation

There is no fixed version for Debian:13 tar.

References

• https://security-tracker.debian.org/tracker/CVE-2005-2541
• http://marc.info/?l=bugtraq&m=112327628230258&w=2
• https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E
• https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c%40%3Cissues.guacamole.apache.org%3E

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat.

Remediation

There is no fixed version for Debian:13 glibc.

References

• https://security-tracker.debian.org/tracker/CVE-2019-1010023
• https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS
• https://sourceware.org/bugzilla/show_bug.cgi?id=22851
• http://www.securityfocus.com/bid/109167
• https://ubuntu.com/security/CVE-2019-1010023
• https://support.f5.com/csp/article/K11932200?utm_source=f5support&amp%3Butm_medium=RSS

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A flaw was found in binutils. A heap-buffer-overflow vulnerability exists when processing a specially crafted XCOFF (Extended Common Object File Format) object file during linking. A local attacker could trick a user into processing this malicious file, which could lead to arbitrary code execution, allowing the attacker to run unauthorized commands, or cause a denial of service, making the system unavailable.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2026-6846
• https://access.redhat.com/security/cve/CVE-2026-6846
• https://bugzilla.redhat.com/show_bug.cgi?id=2460006

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A vulnerability was found in GNU Binutils up to 2.44. It has been rated as critical. Affected by this issue is the function elf_gc_sweep of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to version 2.45 is able to address this issue. It is recommended to upgrade the affected component.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-5244
• https://sourceware.org/bugzilla/attachment.cgi?id=16010
• https://sourceware.org/bugzilla/show_bug.cgi?id=32858
• https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=d1458933830456e54223d9fc61f0d9b3a19256f5
• https://vuldb.com/?ctiid.310346
• https://vuldb.com/?id.310346
• https://vuldb.com/?submit.584634
• https://www.gnu.org/
• https://cert-portal.siemens.com/productcert/html/ssa-082556.html
• https://cert-portal.siemens.com/productcert/html/ssa-265688.html

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A vulnerability classified as critical has been found in GNU Binutils up to 2.44. This affects the function debug_type_samep of the file /binutils/debug.c of the component objdump. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-5245
• https://sourceware.org/bugzilla/attachment.cgi?id=16004
• https://sourceware.org/bugzilla/show_bug.cgi?id=32829
• https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=6c3458a8b7ee7d39f070c7b2350851cb2110c65a
• https://vuldb.com/?ctiid.310347
• https://vuldb.com/?id.310347
• https://vuldb.com/?submit.584635
• https://www.gnu.org/
• https://cert-portal.siemens.com/productcert/html/ssa-082556.html
• https://cert-portal.siemens.com/productcert/html/ssa-265688.html

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A vulnerability, which was classified as problematic, has been found in GNU Binutils 2.45. Affected by this issue is the function bfd_elf_set_group_contents of the file bfd/elf.c. The manipulation leads to out-of-bounds write. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The name of the patch is 41461010eb7c79fee7a9d5f6209accdaac66cc6b. It is recommended to apply a patch to fix this issue.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-7546
• https://sourceware.org/bugzilla/attachment.cgi?id=16118
• https://sourceware.org/bugzilla/show_bug.cgi?id=33050#c2
• https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=41461010eb7c79fee7a9d5f6209accdaac66cc6b
• https://vuldb.com/?ctiid.316244
• https://vuldb.com/?id.316244
• https://vuldb.com/?submit.614375
• https://www.gnu.org/
• https://cert-portal.siemens.com/productcert/html/ssa-082556.html
• https://cert-portal.siemens.com/productcert/html/ssa-265688.html
• https://sourceware.org/bugzilla/show_bug.cgi?id=33050

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A vulnerability classified as problematic was found in GNU Binutils 2.45. Affected by this vulnerability is the function copy_section of the file binutils/objcopy.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The patch is named 08c3cbe5926e4d355b5cb70bbec2b1eeb40c2944. It is recommended to apply a patch to fix this issue.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-7545
• https://sourceware.org/bugzilla/attachment.cgi?id=16117
• https://sourceware.org/bugzilla/show_bug.cgi?id=33049
• https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=08c3cbe5926e4d355b5cb70bbec2b1eeb40c2944
• https://vuldb.com/?ctiid.316243
• https://vuldb.com/?id.316243
• https://vuldb.com/?submit.614355
• https://www.gnu.org/
• https://cert-portal.siemens.com/productcert/html/ssa-082556.html
• https://cert-portal.siemens.com/productcert/html/ssa-265688.html
• https://sourceware.org/bugzilla/show_bug.cgi?id=33049#c1

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A vulnerability has been found in GNU Binutils 2.45. The affected element is the function elf_swap_shdr in the library bfd/elfcode.h of the component Linker. The manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit has been disclosed to the public and may be used. The identifier of the patch is 9ca499644a21ceb3f946d1c179c38a83be084490. To fix this issue, it is recommended to deploy a patch. The code maintainer replied with "[f]ixed for 2.46".

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-11083
• https://sourceware.org/bugzilla/attachment.cgi?id=16353
• https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=9ca499644a21ceb3f946d1c179c38a83be084490
• https://vuldb.com/?ctiid.326124
• https://vuldb.com/?id.326124
• https://vuldb.com/?submit.661277
• https://www.gnu.org/
• https://cert-portal.siemens.com/productcert/html/ssa-082556.html
• https://sourceware.org/bugzilla/show_bug.cgi?id=33457
• https://sourceware.org/bugzilla/show_bug.cgi?id=33457#c1

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A flaw has been found in GNU Binutils 2.45. Impacted is the function _bfd_elf_parse_eh_frame of the file bfd/elf-eh-frame.c of the component Linker. Executing manipulation can lead to heap-based buffer overflow. The attack is restricted to local execution. The exploit has been published and may be used. This patch is called ea1a0737c7692737a644af0486b71e4a392cbca8. A patch should be applied to remediate this issue. The code maintainer replied with "[f]ixed for 2.46".

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-11082
• https://sourceware.org/bugzilla/attachment.cgi?id=16358
• https://sourceware.org/bugzilla/show_bug.cgi?id=33464
• https://sourceware.org/bugzilla/show_bug.cgi?id=33464#c2
• https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ea1a0737c7692737a644af0486b71e4a392cbca8
• https://vuldb.com/?ctiid.326123
• https://vuldb.com/?id.326123
• https://vuldb.com/?submit.661276
• https://www.gnu.org/
• https://cert-portal.siemens.com/productcert/html/ssa-082556.html

NVD Description

Note: Versions mentioned in the description apply only to the upstream expat package and not the expat package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation.

Remediation

There is no fixed version for Debian:13 expat.

References

• https://security-tracker.debian.org/tracker/CVE-2026-25210
• https://github.com/libexpat/libexpat/pull/1075
• https://github.com/libexpat/libexpat/pull/1075/commits/9c2d990389e6abe2e44527eeaa8b39f16fe859c7

NVD Description

Note: Versions mentioned in the description apply only to the upstream ncurses package and not the ncurses package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.

Remediation

There is no fixed version for Debian:13 ncurses.

References

• https://security-tracker.debian.org/tracker/CVE-2025-69720
• https://github.com/Cao-Wuhui/CVE-2025-69720
• https://invisible-island.net/archives/ncurses/6.5/
• https://invisible-island.net/ncurses/
• https://marc.info/?l=ncurses-bug&m=176539968328570&w=2
• https://marc.info/?l=ncurses-bug&m=176540731801330&w=2
• https://marc.info/?l=ncurses-bug&m=176545557728083&w=2

NVD Description

Note: Versions mentioned in the description apply only to the upstream apache2 package and not the apache2 package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

The Apache HTTP Server, when accessed through a TCP connection with a large window size, allows remote attackers to cause a denial of service (network bandwidth consumption) via a Range header that specifies multiple copies of the same fragment. NOTE: the severity of this issue has been disputed by third parties, who state that the large window size required by the attack is not normally supported or configured by the server, or that a DDoS-style attack would accomplish the same goal

Remediation

There is no fixed version for Debian:13 apache2.

References

• https://security-tracker.debian.org/tracker/CVE-2007-0086
• http://www.securityfocus.com/archive/1/455833/100/0/threaded
• http://www.securityfocus.com/archive/1/455879/100/0/threaded
• http://www.securityfocus.com/archive/1/455882/100/0/threaded
• http://www.securityfocus.com/archive/1/455920/100/0/threaded
• http://osvdb.org/33456

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

An issue was discovered in function d_print_comp_inner in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-66864
• https://github.com/caozhzh/CRGF-Vul/blob/main/cxxfilt/crash5.md

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

An issue was discovered in function d_abi_tags in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-66866
• https://github.com/caozhzh/CRGF-Vul/blob/main/cxxfilt/crash6.md

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary with malformed header fields. During relocation processing, an invalid or null section pointer may be passed into display_relocations(), resulting in a segmentation fault (SIGSEGV) and abrupt termination. No evidence of memory corruption beyond the null pointer dereference, nor any possibility of code execution, was observed.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-69649
• https://sourceware.org/bugzilla/show_bug.cgi?id=33697
• https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=66a3492ce68e1ae45b2489bd9a815c39ea5d7f66

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

GNU Binutils thru 2.46 readelf contains a double free vulnerability when processing a crafted ELF binary with malformed relocation data. During GOT relocation handling, dump_relocations may return early without initializing the all_relocations array. As a result, process_got_section_contents() may pass an uninitialized r_symbol pointer to free(), leading to a double free and terminating the program with SIGABRT. No evidence of exploitable memory corruption or code execution was observed; the impact is limited to denial of service. NOTE: this is disputed by third parties because the observed behavior occurred only in pre-release code and did not affect any tagged version.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-69650
• https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ea4bc025abdba85a90e26e13f551c16a44bfa921
• https://sourceware.org/bugzilla/show_bug.cgi?id=33700
• https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=81e90cf63a10ad11772c2437c8f2a88f1a00c739
• https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=ea4bc025abdba85a90e26e13f551c16a44bfa92
• https://sourceware.org/bugzilla/show_bug.cgi?id=33698

NVD Description

Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

Using libcurl, when a custom Host: header is first set for an HTTP request and a second request is subsequently done using the same easy handle but without the custom Host: header set, the second request would use stale information and pass on cookies meant for the first host in the second request. Leak them.

Remediation

There is no fixed version for Debian:13 curl.

References

• https://security-tracker.debian.org/tracker/CVE-2026-6276
• https://curl.se/docs/CVE-2026-6276.html
• https://curl.se/docs/CVE-2026-6276.json
• http://www.openwall.com/lists/oss-security/2026/04/29/13
• https://hackerone.com/reports/3671818

NVD Description

Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

libcurl might in some circumstances reuse the wrong connection for SMB(S) transfers.

libcurl features a pool of recent connections so that subsequent requests can reuse an existing connection to avoid overhead.

When reusing a connection a range of criteria must be met. Due to a logical error in the code, a network transfer operation that was requested by an application could wrongfully reuse an existing SMB connection to the same server that was using a different 'share' than the new subsequent transfer should.

This could in unlucky situations lead to the download of the wrong file or the upload of a file to the wrong place. When this happens, the same credentials are used and the server name is the same.

Remediation

There is no fixed version for Debian:13 curl.

References

• https://security-tracker.debian.org/tracker/CVE-2026-5773
• https://curl.se/docs/CVE-2026-5773.html
• https://curl.se/docs/CVE-2026-5773.json
• http://www.openwall.com/lists/oss-security/2026/04/29/9
• https://hackerone.com/reports/3650689

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\227|)(\1\1|t1|\\2537)+' in grep.

Remediation

There is no fixed version for Debian:13 glibc.

References

• https://security-tracker.debian.org/tracker/CVE-2018-20796
• https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS
• https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141
• https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html
• https://security.netapp.com/advisory/ntap-20190315-0002/
• http://www.securityfocus.com/bid/107160
• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-20796
• https://support.f5.com/csp/article/K26346590?utm_source=f5support&amp%3Butm_medium=RSS

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\1\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern

Remediation

There is no fixed version for Debian:13 glibc.

References

• https://security-tracker.debian.org/tracker/CVE-2019-9192
• https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS
• https://sourceware.org/bugzilla/show_bug.cgi?id=24269
• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2019-9192
• https://support.f5.com/csp/article/K26346590?utm_source=f5support&amp%3Butm_medium=RSS

NVD Description

Note: Versions mentioned in the description apply only to the upstream jansson package and not the jansson package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

An issue was discovered in Jansson through 2.13.1. Due to a parsing error in json_loads, there's an out-of-bounds read-access bug. NOTE: the vendor reports that this only occurs when a programmer fails to follow the API specification

Remediation

There is no fixed version for Debian:13 jansson.

References

• https://security-tracker.debian.org/tracker/CVE-2020-36325
• https://github.com/akheron/jansson/issues/548

NVD Description

Note: Versions mentioned in the description apply only to the upstream krb5 package and not the krb5 package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.

Remediation

There is no fixed version for Debian:13 krb5.

References

• https://security-tracker.debian.org/tracker/CVE-2018-5709
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709
• https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow
• https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-5709
• https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E

NVD Description

Note: Versions mentioned in the description apply only to the upstream openldap package and not the openldap package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors.

Remediation

There is no fixed version for Debian:13 openldap.

References

• https://security-tracker.debian.org/tracker/CVE-2015-3276
• http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
• https://bugzilla.redhat.com/show_bug.cgi?id=1238322
• http://rhn.redhat.com/errata/RHSA-2015-2131.html
• http://www.securitytracker.com/id/1034221
• https://access.redhat.com/errata/RHSA-2015:2131
• https://access.redhat.com/security/cve/CVE-2015-3276

NVD Description

Note: Versions mentioned in the description apply only to the upstream openldap package and not the openldap package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation.

Remediation

There is no fixed version for Debian:13 openldap.

References

• https://security-tracker.debian.org/tracker/CVE-2017-17740
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17740
• http://www.openldap.org/its/index.cgi/Incoming?id=8759
• http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00053.html
• http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00058.html
• https://kc.mcafee.com/corporate/index?page=content&id=SB10365
• https://www.oracle.com/security-alerts/cpuapr2022.html

NVD Description

Note: Versions mentioned in the description apply only to the upstream patch package and not the patch package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6.

Remediation

There is no fixed version for Debian:13 patch.

References

• https://security-tracker.debian.org/tracker/CVE-2018-6952
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6952
• https://security.gentoo.org/glsa/201904-17
• https://savannah.gnu.org/bugs/index.php?53133
• https://access.redhat.com/errata/RHSA-2019:2033
• http://www.securityfocus.com/bid/103047
• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-6952

NVD Description

Note: Versions mentioned in the description apply only to the upstream patch package and not the patch package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

An issue was discovered in GNU patch through 2.7.6. There is a segmentation fault, associated with a NULL pointer dereference, leading to a denial of service in the intuit_diff_type function in pch.c, aka a "mangled rename" issue.

Remediation

There is no fixed version for Debian:13 patch.

References

• https://security-tracker.debian.org/tracker/CVE-2018-6951
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6951
• https://security.gentoo.org/glsa/201904-17
• https://git.savannah.gnu.org/cgit/patch.git/commit/?id=f290f48a621867084884bfff87f8093c15195e6a
• https://savannah.gnu.org/bugs/index.php?53132
• http://www.securityfocus.com/bid/103044
• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-6951
• https://usn.ubuntu.com/3624-1/

NVD Description

Note: Versions mentioned in the description apply only to the upstream libssh2 package and not the libssh2 package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A security vulnerability has been detected in libssh2 up to 1.11.1. The impacted element is the function userauth_password of the file src/userauth.c. Such manipulation of the argument username_len/password_len leads to integer overflow. The attack may be launched remotely. The name of the patch is 256d04b60d80bf1190e96b0ad1e91b2174d744b1. A patch should be applied to remediate this issue.

Remediation

There is no fixed version for Debian:13 libssh2.

References

• https://security-tracker.debian.org/tracker/CVE-2026-7598
• https://github.com/libssh2/libssh2/
• https://github.com/libssh2/libssh2/commit/256d04b60d80bf1190e96b0ad1e91b2174d744b1
• https://github.com/libssh2/libssh2/pull/1858
• https://vuldb.com/vuln/360555
• https://vuldb.com/vuln/360555/cti
• https://vuldb.com/submit/805564

NVD Description

Note: Versions mentioned in the description apply only to the upstream m4 package and not the m4 package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

The (1) maketemp and (2) mkstemp builtin functions in GNU m4 before 1.4.11 do not quote their output when a file is created, which might allow context-dependent attackers to trigger a macro expansion, leading to unspecified use of an incorrect filename.

Remediation

There is no fixed version for Debian:13 m4.

References

• https://security-tracker.debian.org/tracker/CVE-2008-1687
• http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.510612
• http://www.vupen.com/english/advisories/2008/1151/references
• http://xforce.iss.net/xforce/xfdb/41706
• http://www.openwall.com/lists/oss-security/2008/04/07/1
• http://www.openwall.com/lists/oss-security/2008/04/07/12
• http://www.openwall.com/lists/oss-security/2008/04/07/3
• http://www.openwall.com/lists/oss-security/2008/04/07/4
• http://secunia.com/advisories/29671
• http://secunia.com/advisories/29729
• http://www.securityfocus.com/bid/28688
• https://exchange.xforce.ibmcloud.com/vulnerabilities/41706

NVD Description

Note: Versions mentioned in the description apply only to the upstream m4 package and not the m4 package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

Unspecified vulnerability in GNU m4 before 1.4.11 might allow context-dependent attackers to execute arbitrary code, related to improper handling of filenames specified with the -F option. NOTE: it is not clear when this issue crosses privilege boundaries.

Remediation

There is no fixed version for Debian:13 m4.

References

• https://security-tracker.debian.org/tracker/CVE-2008-1688
• http://osvdb.org/44272
• http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.510612
• http://www.vupen.com/english/advisories/2008/1151/references
• http://xforce.iss.net/xforce/xfdb/41704
• http://www.openwall.com/lists/oss-security/2008/04/07/1
• http://www.openwall.com/lists/oss-security/2008/04/07/3
• http://secunia.com/advisories/29671
• http://secunia.com/advisories/29729
• http://www.securityfocus.com/bid/28688
• https://exchange.xforce.ibmcloud.com/vulnerabilities/41704

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A flaw was found in GNU Binutils. This vulnerability, a heap-based buffer overflow, specifically an out-of-bounds read, exists in the bfd linker component. An attacker could exploit this by convincing a user to process a specially crafted malicious XCOFF object file. Successful exploitation may lead to the disclosure of sensitive information or cause the application to crash, resulting in an application level denial of service.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2026-3442
• https://access.redhat.com/security/cve/CVE-2026-3442
• https://bugzilla.redhat.com/show_bug.cgi?id=2443828

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A flaw was found in GNU Binutils. This heap-based buffer overflow vulnerability, specifically an out-of-bounds read in the bfd linker, allows an attacker to gain access to sensitive information. By convincing a user to process a specially crafted XCOFF object file, an attacker can trigger this flaw, potentially leading to information disclosure or an application level denial of service.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2026-3441
• https://access.redhat.com/security/cve/CVE-2026-3441
• https://bugzilla.redhat.com/show_bug.cgi?id=2443826

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A heap-based buffer over-read exists in the function d_expression_1 in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.1. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by c++filt.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2018-20712
• https://support.f5.com/csp/article/K38336243
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20712
• https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88629
• https://sourceware.org/bugzilla/show_bug.cgi?id=24043
• http://www.securityfocus.com/bid/106563
• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-20712

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.36. It is a stack-overflow issue in demangle_type in rust-demangle.c.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2021-32256
• https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1927070
• https://security.netapp.com/advisory/ntap-20230824-0013/

NVD Description

Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

libcurl might in some circumstances reuse the wrong connection when asked to do an authenticated HTTP(S) request after a Negotiate-authenticated one, when both use the same host.

libcurl features a pool of recent connections so that subsequent requests can reuse an existing connection to avoid overhead.

When reusing a connection a range of criteria must be met. Due to a logical error in the code, a request that was issued by an application could wrongfully reuse an existing connection to the same server that was authenticated using different credentials.

An application that first uses Negotiate authentication to a server with user1:password1 and then does another operation to the same server asking for any authentication method but for user2:password2 (while the previous connection is still alive) - the second request gets confused and wrongly reuses the same connection and sends the new request over that connection thinking it uses a mix of user1's and user2's credentials when it is in fact still using the connection authenticated for user1...

Remediation

There is no fixed version for Debian:13 curl.

References

• https://security-tracker.debian.org/tracker/CVE-2026-5545
• https://curl.se/docs/CVE-2026-5545.html
• https://curl.se/docs/CVE-2026-5545.json
• https://hackerone.com/reports/3642555

NVD Description

Note: Versions mentioned in the description apply only to the upstream apache2 package and not the apache2 package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module, allows local users to cause a denial of service via certain code sequences executed in a worker process that (1) stop request processing by killing all worker processes and preventing creation of replacements or (2) hang the system by forcing the master process to fork an arbitrarily large number of worker processes. NOTE: This might be an inherent design limitation of Apache with respect to worker processes in hosted environments.

Remediation

There is no fixed version for Debian:13 apache2.

References

• https://security-tracker.debian.org/tracker/CVE-2007-3303
• http://www.securityfocus.com/archive/1/469899/100/0/threaded
• http://www.securityfocus.com/archive/1/471832/100/0/threaded
• http://security.psnc.pl/files/apache_report.pdf
• http://osvdb.org/37050
• http://www.securityfocus.com/bid/24215
• http://securityreason.com/securityalert/2814

NVD Description

Note: Versions mentioned in the description apply only to the upstream libxml2 package and not the libxml2 package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A flaw was identified in the interactive shell of the xmllint utility, part of the libxml2 project, where memory allocated for user input is not properly released under certain conditions. When a user submits input consisting only of whitespace, the program skips command execution but fails to free the allocated buffer. Repeating this action causes memory to continuously accumulate. Over time, this can exhaust system memory and terminate the xmllint process, creating a denial-of-service condition on the local system.

Remediation

There is no fixed version for Debian:13 libxml2.

References

• https://security-tracker.debian.org/tracker/CVE-2026-1757
• https://access.redhat.com/security/cve/CVE-2026-1757
• https://bugzilla.redhat.com/show_bug.cgi?id=2435940
• https://gitlab.gnome.org/GNOME/libxml2/-/issues/1009
• https://access.redhat.com/errata/RHSA-2026:7519

NVD Description

Note: Versions mentioned in the description apply only to the upstream shadow package and not the shadow package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.

Remediation

There is no fixed version for Debian:13 shadow.

References

• https://security-tracker.debian.org/tracker/CVE-2007-5686
• http://www.securityfocus.com/archive/1/482129/100/100/threaded
• http://www.securityfocus.com/archive/1/482857/100/0/threaded
• https://issues.rpath.com/browse/RPL-1825
• http://secunia.com/advisories/27215
• http://www.securityfocus.com/bid/26048
• http://www.vupen.com/english/advisories/2007/3474

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A flaw was found in the GNU Binutils BFD library, a widely used component for handling binary files such as object files and executables. The issue occurs when processing specially crafted XCOFF object files, where a relocation type value is not properly validated before being used. This can cause the program to read memory outside of intended bounds. As a result, affected tools may crash or expose unintended memory contents, leading to denial-of-service or limited information disclosure risks.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2026-4647
• https://access.redhat.com/security/cve/CVE-2026-4647
• https://bugzilla.redhat.com/show_bug.cgi?id=2450302
• https://sourceware.org/bugzilla/show_bug.cgi?id=33919

NVD Description

Note: Versions mentioned in the description apply only to the upstream util-linux package and not the util-linux package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the setpwnam() function, affecting SUID (Set User ID) login-utils utilities writing to the password database.

Remediation

There is no fixed version for Debian:13 util-linux.

References

• https://security-tracker.debian.org/tracker/CVE-2025-14104
• https://access.redhat.com/security/cve/CVE-2025-14104
• https://bugzilla.redhat.com/show_bug.cgi?id=2419369
• https://access.redhat.com/errata/RHSA-2026:1696
• https://access.redhat.com/errata/RHSA-2026:1852
• https://access.redhat.com/errata/RHSA-2026:1913
• https://access.redhat.com/errata/RHSA-2026:2485
• https://access.redhat.com/errata/RHSA-2026:2563
• https://access.redhat.com/errata/RHSA-2026:2737
• https://access.redhat.com/errata/RHSA-2026:2800
• https://access.redhat.com/errata/RHSA-2026:3406
• https://access.redhat.com/errata/RHSA-2026:4943
• https://access.redhat.com/errata/RHSA-2026:7180

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A vulnerability classified as problematic was found in GNU Binutils 2.43/2.44. Affected by this vulnerability is the function bfd_set_format of the file format.c. The manipulation leads to memory corruption. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. Upgrading to version 2.45 is able to address this issue. The identifier of the patch is 8d97c1a53f3dc9fd8e1ccdb039b8a33d50133150. It is recommended to upgrade the affected component.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-1153
• https://sourceware.org/bugzilla/show_bug.cgi?id=32603
• https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=8d97c1a53f3dc9fd8e1ccdb039b8a33d50133150
• https://vuldb.com/?ctiid.295057
• https://vuldb.com/?id.295057
• https://vuldb.com/?submit.489991
• https://www.gnu.org/
• https://security.netapp.com/advisory/ntap-20250404-0005/

NVD Description

Note: Versions mentioned in the description apply only to the upstream libxml2 package and not the libxml2 package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A flaw was found in libxml2, an XML parsing library. This uncontrolled recursion vulnerability occurs in the xmlCatalogXMLResolveURI function when an XML catalog contains a delegate URI entry that references itself. A remote attacker could exploit this configuration-dependent issue by providing a specially crafted XML catalog, leading to infinite recursion and call stack exhaustion. This ultimately results in a segmentation fault, causing a Denial of Service (DoS) by crashing affected applications.

Remediation

There is no fixed version for Debian:13 libxml2.

References

• https://security-tracker.debian.org/tracker/CVE-2026-0990
• https://access.redhat.com/security/cve/CVE-2026-0990
• https://bugzilla.redhat.com/show_bug.cgi?id=2429959
• https://gitlab.gnome.org/GNOME/libxml2/-/issues/1018
• https://access.redhat.com/errata/RHSA-2026:7519

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A vulnerability was found in GNU Binutils 2.43. It has been declared as problematic. Affected by this vulnerability is the function bfd_putl64 of the file libbfd.c of the component ld. The manipulation leads to memory corruption. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The identifier of the patch is 75086e9de1707281172cc77f178e7949a4414ed0. It is recommended to apply a patch to fix this issue.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-1178
• https://sourceware.org/bugzilla/attachment.cgi?id=15914
• https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=75086e9de1707281172cc77f178e7949a4414ed0
• https://vuldb.com/?ctiid.295081
• https://vuldb.com/?id.295081
• https://vuldb.com/?submit.495369
• https://www.gnu.org/
• https://security.netapp.com/advisory/ntap-20250411-0008/
• https://sourceware.org/bugzilla/show_bug.cgi?id=32638

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted file, as demonstrated by a call from the Binary File Descriptor (BFD) library (aka libbfd).

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2017-13716
• https://sourceware.org/bugzilla/show_bug.cgi?id=22009
• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13716

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an invalid pointer free when processing a crafted ELF binary with malformed relocation or symbol data. If dump_relocations returns early due to parsing errors, the internal all_relocations array may remain partially uninitialized. Later, process_got_section_contents() may attempt to free an invalid r_symbol pointer, triggering memory corruption checks in glibc and causing the program to terminate with SIGABRT. No evidence of further memory corruption or code execution was observed; the impact is limited to denial of service. NOTE: this is disputed by third parties because the observed behavior occurred only in pre-release code and did not affect any tagged version.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-69651
• https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ea4bc025abdba85a90e26e13f551c16a44bfa921
• https://sourceware.org/bugzilla/show_bug.cgi?id=33698
• https://sourceware.org/bugzilla/show_bug.cgi?id=33700
• https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=81e90cf63a10ad11772c2437c8f2a88f1a00c739
• https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=ea4bc025abdba85a90e26e13f551c16a44bfa92

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A vulnerability has been found in GNU Binutils 2.43/2.44 and classified as problematic. Affected by this vulnerability is the function display_info of the file binutils/bucomm.c of the component objdump. The manipulation leads to memory leak. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The patch is named ba6ad3a18cb26b79e0e3b84c39f707535bbc344d. It is recommended to apply a patch to fix this issue.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-3198
• https://sourceware.org/bugzilla/show_bug.cgi?id=32716#c0
• https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ba6ad3a18cb26b79e0e3b84c39f707535bbc344d
• https://vuldb.com/?ctiid.303151
• https://vuldb.com/?id.303151
• https://www.gnu.org/
• https://vuldb.com/?submit.545773
• https://cert-portal.siemens.com/productcert/html/ssa-082556.html
• https://cert-portal.siemens.com/productcert/html/ssa-265688.html
• https://sourceware.org/bugzilla/show_bug.cgi?id=32716

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A vulnerability was detected in GNU Binutils 2.45. This issue affects the function dump_dwarf_section of the file binutils/objdump.c. Performing manipulation results in out-of-bounds read. The attack is only possible with local access. The exploit is now public and may be used. The patch is named f87a66db645caf8cc0e6fc87b0c28c78a38af59b. It is suggested to install a patch to address this issue.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-11081
• https://github.com/user-attachments/files/20623354/hdf5_crash_3.txt
• https://sourceware.org/bugzilla/show_bug.cgi?id=33406
• https://sourceware.org/bugzilla/show_bug.cgi?id=33406#c2
• https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=f87a66db645caf8cc0e6fc87b0c28c78a38af59b
• https://vuldb.com/?ctiid.326122
• https://vuldb.com/?id.326122
• https://vuldb.com/?submit.661275
• https://www.gnu.org/

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A vulnerability was determined in GNU Binutils 2.45. The affected element is the function elf_x86_64_relocate_section of the file elf64-x86-64.c of the component Linker. This manipulation causes heap-based buffer overflow. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. Patch name: 6b21c8b2ecfef5c95142cbc2c32f185cb1c26ab0. To fix this issue, it is recommended to deploy a patch.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-11495
• https://sourceware.org/bugzilla/attachment.cgi?id=16393
• https://sourceware.org/bugzilla/show_bug.cgi?id=33502
• https://sourceware.org/bugzilla/show_bug.cgi?id=33502#c3
• https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=6b21c8b2ecfef5c95142cbc2c32f185cb1c26ab0
• https://vuldb.com/?ctiid.327620
• https://vuldb.com/?id.327620
• https://vuldb.com/?submit.668290
• https://www.gnu.org/
• https://cert-portal.siemens.com/productcert/html/ssa-082556.html

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A vulnerability was determined in GNU Binutils 2.45. Affected by this vulnerability is the function get_link_hash_entry of the file bfd/elflink.c of the component Linker. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. Upgrading to version 2.46 addresses this issue. Patch name: aeaaa9af6359c8e394ce9cf24911fec4f4d23703. It is advisable to upgrade the affected component.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-11414
• https://sourceware.org/bugzilla/attachment.cgi?id=16361
• https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=aeaaa9af6359c8e394ce9cf24911fec4f4d23703
• https://vuldb.com/?ctiid.327350
• https://vuldb.com/?id.327350
• https://vuldb.com/?submit.665591
• https://www.gnu.org/
• https://cert-portal.siemens.com/productcert/html/ssa-082556.html
• https://sourceware.org/bugzilla/show_bug.cgi?id=33450

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A vulnerability was found in GNU Binutils 2.45. Affected is the function elf_link_add_object_symbols of the file bfd/elflink.c of the component Linker. The manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has been made public and could be used. Upgrading to version 2.46 is able to address this issue. The patch is identified as 72efdf166aa0ed72ecc69fc2349af6591a7a19c0. Upgrading the affected component is advised.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-11413
• https://sourceware.org/bugzilla/attachment.cgi?id=16362
• https://sourceware.org/bugzilla/show_bug.cgi?id=33456#c10
• https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=72efdf166aa0ed72ecc69fc2349af6591a7a19c0
• https://vuldb.com/?ctiid.327349
• https://vuldb.com/?id.327349
• https://vuldb.com/?submit.665587
• https://www.gnu.org/
• https://vuldb.com/?submit.665590
• https://cert-portal.siemens.com/productcert/html/ssa-082556.html
• https://sourceware.org/bugzilla/show_bug.cgi?id=33452

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A vulnerability has been found in GNU Binutils 2.45. This impacts the function bfd_elf_gc_record_vtentry of the file bfd/elflink.c of the component Linker. The manipulation leads to out-of-bounds read. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier of the patch is 047435dd988a3975d40c6626a8f739a0b2e154bc. To fix this issue, it is recommended to deploy a patch.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-11412
• https://sourceware.org/bugzilla/attachment.cgi?id=16378
• https://sourceware.org/bugzilla/show_bug.cgi?id=33452#c8
• https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=047435dd988a3975d40c6626a8f739a0b2e154bc
• https://vuldb.com/?ctiid.327348
• https://vuldb.com/?id.327348
• https://www.gnu.org/
• https://cert-portal.siemens.com/productcert/html/ssa-082556.html
• https://sourceware.org/bugzilla/show_bug.cgi?id=33452

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A vulnerability was found in GNU Binutils 2.45. Impacted is the function _bfd_x86_elf_late_size_sections of the file bfd/elfxx-x86.c of the component Linker. The manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has been made public and could be used. The patch is identified as b6ac5a8a5b82f0ae6a4642c8d7149b325f4cc60a. A patch should be applied to remediate this issue.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-11494
• https://sourceware.org/bugzilla/attachment.cgi?id=16389
• https://sourceware.org/bugzilla/show_bug.cgi?id=33499
• https://sourceware.org/bugzilla/show_bug.cgi?id=33499#c2
• https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=b6ac5a8a5b82f0ae6a4642c8d7149b325f4cc60a
• https://vuldb.com/?ctiid.327619
• https://vuldb.com/?id.327619
• https://vuldb.com/?submit.668281
• https://www.gnu.org/
• https://cert-portal.siemens.com/productcert/html/ssa-082556.html

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A weakness has been identified in GNU Binutils 2.45. The affected element is the function vfinfo of the file ldmisc.c. Executing a manipulation can lead to out-of-bounds read. The attack can only be executed locally. The exploit has been made available to the public and could be used for attacks. This patch is called 16357. It is best practice to apply a patch to resolve this issue.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-11840
• https://sourceware.org/bugzilla/attachment.cgi?id=16351
• https://sourceware.org/bugzilla/attachment.cgi?id=16357
• https://sourceware.org/bugzilla/show_bug.cgi?id=33455
• https://vuldb.com/?ctiid.328775
• https://vuldb.com/?id.328775
• https://vuldb.com/?submit.661281
• https://www.gnu.org/
• https://cert-portal.siemens.com/productcert/html/ssa-082556.html

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, contains an integer overflow vulnerability (for "Create an array for saving the template argument values") that can trigger a heap-based buffer overflow, as demonstrated by nm.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2018-20673
• https://sourceware.org/bugzilla/show_bug.cgi?id=24039
• http://www.securityfocus.com/bid/106454
• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-20673

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A flaw was found in the readelf utility of the binutils package. A local attacker could exploit two Denial of Service (DoS) vulnerabilities by providing a specially crafted Executable and Linkable Format (ELF) file. One vulnerability, a resource exhaustion (CWE-400), can lead to an out-of-memory condition. The other, a null pointer dereference (CWE-476), can cause a segmentation fault. Both issues can result in the readelf utility becoming unresponsive or crashing, leading to a denial of service.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2026-6844
• https://access.redhat.com/security/cve/CVE-2026-6844
• https://bugzilla.redhat.com/show_bug.cgi?id=2460016

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A security flaw has been discovered in GNU Binutils 2.45. Impacted is the function tg_tag_type of the file prdbg.c. Performing a manipulation results in unchecked return value. The attack needs to be approached locally. The exploit has been released to the public and may be used for attacks.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-11839
• https://sourceware.org/bugzilla/attachment.cgi?id=16344
• https://vuldb.com/?ctiid.328774
• https://vuldb.com/?id.328774
• https://vuldb.com/?submit.661279
• https://www.gnu.org/
• https://cert-portal.siemens.com/productcert/html/ssa-082556.html
• https://sourceware.org/bugzilla/show_bug.cgi?id=33448

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_template_value_parm, demangle_integral_value, and demangle_expression.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2018-9996
• https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85304
• http://www.securityfocus.com/bid/103733
• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-9996

NVD Description

Note: Versions mentioned in the description apply only to the upstream expat package and not the expat package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

In libexpat through 2.7.3, a crafted file with an approximate size of 2 MiB can lead to dozens of seconds of processing time.

Remediation

There is no fixed version for Debian:13 expat.

References

• https://security-tracker.debian.org/tracker/CVE-2025-66382
• https://github.com/libexpat/libexpat/issues/1076
• http://www.openwall.com/lists/oss-security/2025/12/02/1
• https://cert-portal.siemens.com/productcert/html/ssa-082556.html

NVD Description

Note: Versions mentioned in the description apply only to the upstream expat package and not the expat package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

libexpat before 2.7.5 allows an infinite loop while parsing DTD content.

Remediation

There is no fixed version for Debian:13 expat.

References

• https://security-tracker.debian.org/tracker/CVE-2026-32777
• https://github.com/libexpat/libexpat/issues/1161
• https://github.com/libexpat/libexpat/pull/1159
• https://github.com/libexpat/libexpat/pull/1162
• https://issues.oss-fuzz.com/issues/486993411

NVD Description

Note: Versions mentioned in the description apply only to the upstream expat package and not the expat package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

libexpat before 2.7.5 allows a NULL pointer dereference with empty external parameter entity content.

Remediation

There is no fixed version for Debian:13 expat.

References

• https://security-tracker.debian.org/tracker/CVE-2026-32776
• https://github.com/libexpat/libexpat/pull/1158
• https://github.com/libexpat/libexpat/pull/1159

NVD Description

Note: Versions mentioned in the description apply only to the upstream expat package and not the expat package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

libexpat before 2.7.5 allows a NULL pointer dereference in the function setContext on retry after an earlier ouf-of-memory condition.

Remediation

There is no fixed version for Debian:13 expat.

References

• https://security-tracker.debian.org/tracker/CVE-2026-32778
• https://github.com/libexpat/libexpat/pull/1159
• https://github.com/libexpat/libexpat/pull/1163

NVD Description

Note: Versions mentioned in the description apply only to the upstream patch package and not the patch package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

An Invalid Pointer vulnerability exists in GNU patch 2.7 via the another_hunk function, which causes a Denial of Service.

Remediation

There is no fixed version for Debian:13 patch.

References

• https://security-tracker.debian.org/tracker/CVE-2021-45261
• https://savannah.gnu.org/bugs/?61685

NVD Description

Note: Versions mentioned in the description apply only to the upstream re2c package and not the re2c package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

re2c before 2.0 has uncontrolled recursion that causes stack consumption in find_fixed_tags.

Remediation

There is no fixed version for Debian:13 re2c.

References

• https://security-tracker.debian.org/tracker/CVE-2018-21232
• https://github.com/skvadrik/re2c/issues/219
• https://www.openwall.com/lists/oss-security/2020/04/27/2
• http://www.openwall.com/lists/oss-security/2020/05/14/4
• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-21232

NVD Description

Note: Versions mentioned in the description apply only to the upstream tar package and not the tar package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A flaw was found in tar. A remote attacker could exploit this vulnerability by crafting a malicious archive, leading to hidden file injection with fully attacker-controlled content. This bypasses pre-extraction inspection mechanisms, potentially allowing an attacker to introduce malicious files onto a system without detection.

Remediation

There is no fixed version for Debian:13 tar.

References

• https://security-tracker.debian.org/tracker/CVE-2026-5704
• https://access.redhat.com/security/cve/CVE-2026-5704
• https://bugzilla.redhat.com/show_bug.cgi?id=2455360
• http://www.openwall.com/lists/oss-security/2026/04/11/10
• http://www.openwall.com/lists/oss-security/2026/04/11/11
• http://www.openwall.com/lists/oss-security/2026/04/12/2

NVD Description

Note: Versions mentioned in the description apply only to the upstream util-linux package and not the util-linux package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.

Remediation

There is no fixed version for Debian:13 util-linux.

References

• https://security-tracker.debian.org/tracker/CVE-2022-0563
• https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u
• https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w%40ws.net.home/T/#u
• https://security.gentoo.org/glsa/202401-08
• https://security.netapp.com/advisory/ntap-20220331-0002/

NVD Description

Note: Versions mentioned in the description apply only to the upstream zlib package and not the zlib package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

zlib before 1.3.2 allows CPU consumption via crc32_combine64 and crc32_combine_gen64 because x2nmodp can do right shifts within a loop that has no termination condition.

Remediation

There is no fixed version for Debian:13 zlib.

References

• https://security-tracker.debian.org/tracker/CVE-2026-27171
• https://7asecurity.com/blog/2026/02/zlib-7asecurity-audit/
• https://github.com/madler/zlib/releases/tag/v1.3.2
• https://ostif.org/zlib-audit-complete/
• https://github.com/madler/zlib/issues/904
• https://7asecurity.com/reports/pentest-report-zlib-RC1.1.pdf

NVD Description

Note: Versions mentioned in the description apply only to the upstream patch package and not the patch package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

Directory traversal vulnerability in util.c in GNU patch 2.6.1 and earlier allows user-assisted remote attackers to create or overwrite arbitrary files via a filename that is specified with a .. (dot dot) or full pathname, a related issue to CVE-2010-1679.

Remediation

There is no fixed version for Debian:13 patch.

References

• https://security-tracker.debian.org/tracker/CVE-2010-4651
• http://support.apple.com/kb/HT4723
• http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html
• http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055241.html
• http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055246.html
• http://git.savannah.gnu.org/cgit/patch.git/commit/?id=685a78b6052f4df6eac6d625a545cfb54a6ac0e1
• http://lists.gnu.org/archive/html/bug-patch/2010-12/msg00000.html
• http://www.vupen.com/english/advisories/2011/0600
• http://openwall.com/lists/oss-security/2011/01/05/10
• http://openwall.com/lists/oss-security/2011/01/06/19
• http://openwall.com/lists/oss-security/2011/01/06/20
• http://openwall.com/lists/oss-security/2011/01/06/21
• https://bugzilla.redhat.com/show_bug.cgi?id=667529
• http://secunia.com/advisories/43663
• http://secunia.com/advisories/43677
• http://www.securityfocus.com/bid/46768
• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2010-4651

NVD Description

Note: Versions mentioned in the description apply only to the upstream apache2 package and not the apache2 package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

The mod_php module for the Apache HTTP Server allows local users with write access to PHP scripts to send signals to the server's process group and use the server's file descriptors, as demonstrated by sending a STOP signal, then intercepting incoming connections on the server's TCP port. NOTE: the PHP developer has disputed this vulnerability, saying "The opened file descriptors are opened by Apache. It is the job of Apache to protect them ... Not a bug in PHP.

Remediation

There is no fixed version for Debian:13 apache2.

References

• https://security-tracker.debian.org/tracker/CVE-2003-1307
• http://www.securityfocus.com/archive/1/348368
• http://www.securityfocus.com/archive/1/449234/100/0/threaded
• http://www.securityfocus.com/archive/1/449298/100/0/threaded
• http://bugs.php.net/38915
• http://hackerdom.ru/~dimmo/phpexpl.c
• http://www.securityfocus.com/bid/9302

NVD Description

Note: Versions mentioned in the description apply only to the upstream apache2 package and not the apache2 package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

suexec in Apache HTTP Server (httpd) 2.2.3 does not verify combinations of user and group IDs on the command line, which might allow local users to leverage other vulnerabilities to create arbitrary UID/GID owned files if /proc is mounted. NOTE: the researcher, who is reliable, claims that the vendor disputes the issue because "the attacks described rely on an insecure server configuration" in which the user "has write access to the document root." In addition, because this is dependent on other vulnerabilities, perhaps this is resultant and should not be included in CVE.

Remediation

There is no fixed version for Debian:13 apache2.

References

• https://security-tracker.debian.org/tracker/CVE-2007-1743
• http://marc.info/?l=apache-httpd-dev&m=117511568709063&w=2
• http://marc.info/?l=apache-httpd-dev&m=117511834512138&w=2
• http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=511
• http://www.securitytracker.com/id?1017904

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A vulnerability has been found in GNU Binutils 2.43 and classified as problematic. Affected by this vulnerability is the function __sanitizer::internal_strlen of the file binutils/nm.c of the component nm. The manipulation of the argument const leads to buffer overflow. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-1147
• https://sourceware.org/bugzilla/attachment.cgi?id=15881
• https://sourceware.org/bugzilla/show_bug.cgi?id=32556
• https://vuldb.com/?ctiid.295051
• https://vuldb.com/?id.295051
• https://www.gnu.org/
• https://security.netapp.com/advisory/ntap-20250404-0003/
• https://vuldb.com/?submit.485254

NVD Description

Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

Successfully using libcurl to do a transfer over a specific HTTP proxy (proxyA) with Digest authentication and then changing the proxy host to a second one (proxyB) for a second transfer, reusing the same handle, makes libcurl wrongly pass on the Proxy-Authorization: header field meant for proxyA, to proxyB.

Remediation

There is no fixed version for Debian:13 curl.

References

• https://security-tracker.debian.org/tracker/CVE-2026-7168
• https://curl.se/docs/CVE-2026-7168.html
• https://curl.se/docs/CVE-2026-7168.json
• http://www.openwall.com/lists/oss-security/2026/04/29/14
• https://hackerone.com/reports/3697719

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat.

Remediation

There is no fixed version for Debian:13 glibc.

References

• https://security-tracker.debian.org/tracker/CVE-2019-1010024
• https://support.f5.com/csp/article/K06046097
• https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS
• https://sourceware.org/bugzilla/show_bug.cgi?id=22852
• http://www.securityfocus.com/bid/109162
• https://ubuntu.com/security/CVE-2019-1010024
• https://support.f5.com/csp/article/K06046097?utm_source=f5support&amp%3Butm_medium=RSS

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability.

Remediation

There is no fixed version for Debian:13 glibc.

References

• https://security-tracker.debian.org/tracker/CVE-2019-1010025
• https://support.f5.com/csp/article/K06046097
• https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS
• https://sourceware.org/bugzilla/show_bug.cgi?id=22853
• https://ubuntu.com/security/CVE-2019-1010025
• https://support.f5.com/csp/article/K06046097?utm_source=f5support&amp%3Butm_medium=RSS

NVD Description

Note: Versions mentioned in the description apply only to the upstream systemd package and not the systemd package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."

Remediation

There is no fixed version for Debian:13 systemd.

References

• https://security-tracker.debian.org/tracker/CVE-2023-31439
• https://github.com/kastel-security/Journald
• https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf
• https://github.com/systemd/systemd/pull/28885
• https://github.com/systemd/systemd/releases

NVD Description

Note: Versions mentioned in the description apply only to the upstream systemd package and not the systemd package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

An issue was discovered in systemd 253. An attacker can truncate a sealed log file and then resume log sealing such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."

Remediation

There is no fixed version for Debian:13 systemd.

References

• https://security-tracker.debian.org/tracker/CVE-2023-31438
• https://github.com/kastel-security/Journald
• https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf
• https://github.com/systemd/systemd/pull/28886
• https://github.com/systemd/systemd/releases

NVD Description

Note: Versions mentioned in the description apply only to the upstream systemd package and not the systemd package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

An issue was discovered in systemd 253. An attacker can modify a sealed log file such that, in some views, not all existing and sealed log messages are displayed. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."

Remediation

There is no fixed version for Debian:13 systemd.

References

• https://security-tracker.debian.org/tracker/CVE-2023-31437
• https://github.com/kastel-security/Journald
• https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf
• https://github.com/systemd/systemd/releases

NVD Description

Note: Versions mentioned in the description apply only to the upstream util-linux package and not the util-linux package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A flaw was found in util-linux. Improper hostname canonicalization in the login(1) utility, when invoked with the -h option, can modify the supplied remote hostname before setting PAM_RHOST. A remote attacker could exploit this by providing a specially crafted hostname, potentially bypassing host-based Pluggable Authentication Modules (PAM) access control rules that rely on fully qualified domain names. This could lead to unauthorized access.

Remediation

There is no fixed version for Debian:13 util-linux.

References

• https://security-tracker.debian.org/tracker/CVE-2026-3184
• https://access.redhat.com/errata/RHSA-2026:7180
• https://access.redhat.com/security/cve/CVE-2026-3184
• https://bugzilla.redhat.com/show_bug.cgi?id=2442570

NVD Description

Note: Versions mentioned in the description apply only to the upstream xz-utils package and not the xz-utils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

XZ Utils provide a general-purpose data-compression library plus command-line tools. Prior to version 5.8.3, if lzma_index_decoder() was used to decode an Index that contained no Records, the resulting lzma_index was left in a state where where a subsequent lzma_index_append() would allocate too little memory, and a buffer overflow would occur. This issue has been patched in version 5.8.3.

Remediation

There is no fixed version for Debian:13 xz-utils.

References

• https://security-tracker.debian.org/tracker/CVE-2026-34743
• https://github.com/tukaani-project/xz/commit/c8c22869e780ff57c96b46939c3d79ff99395f87
• https://github.com/tukaani-project/xz/releases/tag/v5.8.3
• https://github.com/tukaani-project/xz/security/advisories/GHSA-x872-m794-cxhv
• http://www.openwall.com/lists/oss-security/2026/03/31/13

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A flaw was found in binutils, specifically within the readelf utility. This vulnerability allows a local attacker to cause a Denial of Service (DoS) by tricking a user into processing a specially crafted Executable and Linkable Format (ELF) file. The exploitation of this flaw can lead to the system becoming unresponsive due to excessive resource consumption or a program crash.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2026-6845
• https://access.redhat.com/security/cve/CVE-2026-6845
• https://bugzilla.redhat.com/show_bug.cgi?id=2460012

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A vulnerability was found in GNU Binutils 2.43 and classified as critical. This issue affects the function _bfd_elf_gc_mark_rsec of the file elflink.c of the component ld. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The patch is named f9978defb6fab0bd8583942d97c112b0932ac814. It is recommended to apply a patch to fix this issue.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-1176
• https://sourceware.org/bugzilla/attachment.cgi?id=15913
• https://sourceware.org/bugzilla/show_bug.cgi?id=32636
• https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=f9978defb6fab0bd8583942d97c112b0932ac814
• https://vuldb.com/?ctiid.295079
• https://vuldb.com/?id.295079
• https://vuldb.com/?submit.495329
• https://www.gnu.org/
• https://security.netapp.com/advisory/ntap-20250411-0007/

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A vulnerability classified as critical was found in GNU Binutils 2.43. This vulnerability affects the function _bfd_elf_gc_mark_rsec of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The name of the patch is 931494c9a89558acb36a03a340c01726545eef24. It is recommended to apply a patch to fix this issue.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-1181
• https://sourceware.org/bugzilla/attachment.cgi?id=15918
• https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=931494c9a89558acb36a03a340c01726545eef24
• https://vuldb.com/?ctiid.295084
• https://vuldb.com/?id.295084
• https://www.gnu.org/
• https://security.netapp.com/advisory/ntap-20250425-0007/
• https://sourceware.org/bugzilla/show_bug.cgi?id=32643
• https://vuldb.com/?submit.495402

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A vulnerability, which was classified as critical, was found in GNU Binutils 2.43. Affected is the function bfd_elf_reloc_symbol_deleted_p of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The patch is identified as b425859021d17adf62f06fb904797cf8642986ad. It is recommended to apply a patch to fix this issue.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-1182
• https://sourceware.org/bugzilla/attachment.cgi?id=15919
• https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=b425859021d17adf62f06fb904797cf8642986ad
• https://vuldb.com/?ctiid.295086
• https://vuldb.com/?id.295086
• https://www.gnu.org/
• https://sourceware.org/bugzilla/show_bug.cgi?id=32644
• https://vuldb.com/?submit.495407

NVD Description

Note: Versions mentioned in the description apply only to the upstream coreutils package and not the coreutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.

Remediation

There is no fixed version for Debian:13 coreutils.

References

• https://security-tracker.debian.org/tracker/CVE-2017-18018
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18018
• http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html

NVD Description

Note: Versions mentioned in the description apply only to the upstream openldap package and not the openldap package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

slapd in OpenLDAP 2.4.45 and earlier creates a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill cat /pathname" command, as demonstrated by openldap-initscript.

Remediation

There is no fixed version for Debian:13 openldap.

References

• https://security-tracker.debian.org/tracker/CVE-2017-14159
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14159
• http://www.openldap.org/its/index.cgi?findid=8703
• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-14159
• https://www.oracle.com/security-alerts/cpuapr2022.html

NVD Description

Note: Versions mentioned in the description apply only to the upstream coreutils package and not the coreutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A flaw was found in GNU Coreutils. The sort utility's begfield() function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash or leak sensitive data.

Remediation

There is no fixed version for Debian:13 coreutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-5278
• https://access.redhat.com/security/cve/CVE-2025-5278
• https://bugzilla.redhat.com/show_bug.cgi?id=2368764
• http://www.openwall.com/lists/oss-security/2025/05/27/2
• http://www.openwall.com/lists/oss-security/2025/05/29/1
• https://cgit.git.savannah.gnu.org/cgit/coreutils.git/tree/NEWS?id=8c9602e3a145e9596dc1a63c6ed67865814b6633#n14
• http://www.openwall.com/lists/oss-security/2025/05/29/2
• https://debbugs.gnu.org/cgi/bugreport.cgi?bug=78507
• https://cgit.git.savannah.gnu.org/cgit/coreutils.git/commit/?id=8c9602e3a145e9596dc1a63c6ed67865814b6633

NVD Description

Note: Versions mentioned in the description apply only to the upstream systemd package and not the systemd package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.

Remediation

There is no fixed version for Debian:13 systemd.

References

• https://security-tracker.debian.org/tracker/CVE-2013-4392
• http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357
• http://www.openwall.com/lists/oss-security/2013/10/01/9
• https://bugzilla.redhat.com/show_bug.cgi?id=859060

NVD Description

Note: Versions mentioned in the description apply only to the upstream apache2 package and not the apache2 package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, uses a logging format that does not identify whether a dotted quad represents an unresolved IP address, which allows remote attackers to spoof IP addresses via crafted DNS responses containing numerical top-level domains, as demonstrated by a forged 123.123.123.123 domain name, related to an "Inverse Lookup Log Corruption (ILLC)" issue.

Remediation

There is no fixed version for Debian:13 apache2.

References

• https://security-tracker.debian.org/tracker/CVE-2003-1580
• http://www.securityfocus.com/archive/1/313867

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.

Remediation

There is no fixed version for Debian:13 glibc.

References

• https://security-tracker.debian.org/tracker/CVE-2010-4756
• http://cxib.net/stuff/glob-0day.c
• http://securityreason.com/achievement_securityalert/89
• http://securityreason.com/exploitalert/9223
• https://bugzilla.redhat.com/show_bug.cgi?id=681681
• https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756
• https://security.netapp.com/advisory/ntap-20241108-0002/

NVD Description

Note: Versions mentioned in the description apply only to the upstream gnutls28 package and not the gnutls28 package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack.

Remediation

There is no fixed version for Debian:13 gnutls28.

References

• https://security-tracker.debian.org/tracker/CVE-2011-3389
• http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html
• http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html
• http://support.apple.com/kb/HT4999
• http://support.apple.com/kb/HT5001
• http://support.apple.com/kb/HT5130
• http://support.apple.com/kb/HT5281
• http://support.apple.com/kb/HT5501
• http://support.apple.com/kb/HT6150
• http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html
• http://lists.apple.com/archives/security-announce/2012/Jul/msg00001.html
• http://lists.apple.com/archives/security-announce/2012/May/msg00001.html
• http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html
• http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html
• http://www.us-cert.gov/cas/techalerts/TA12-010A.html
• http://www.kb.cert.org/vuls/id/864643
• http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html
• http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications/
• http://blogs.technet.com/b/msrc/archive/2011/09/26/microsoft-releases-security-advisory-2588513.aspx
• http://blogs.technet.com/b/srd/archive/2011/09/26/is-ssl-broken-more-about-security-advisory-2588513.aspx
• http://curl.haxx.se/docs/adv_20120124B.html
• http://downloads.asterisk.org/pub/security/AST-2016-001.html
• http://my.opera.com/securitygroup/blog/2011/09/28/the-beast-ssl-tls-issue
• https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_fetchmail
• https://bugzilla.novell.com/show_bug.cgi?id=719047
• https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf
• http://technet.microsoft.com/security/advisory/2588513
• http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf
• http://www.ibm.com/developerworks/java/jdk/alerts/
• http://www.imperialviolet.org/2011/09/23/chromeandbeast.html
• http://www.opera.com/docs/changelogs/mac/1151/
• http://www.opera.com/docs/changelogs/mac/1160/
• http://www.opera.com/docs/changelogs/unix/1151/
• http://www.opera.com/docs/changelogs/unix/1160/
• http://www.opera.com/docs/changelogs/windows/1151/
• http://www.opera.com/docs/changelogs/windows/1160/
• http://www.opera.com/support/kb/view/1004/
• http://www.debian.org/security/2012/dsa-2398
• http://security.gentoo.org/glsa/glsa-201203-02.xml
• http://security.gentoo.org/glsa/glsa-201406-32.xml
• https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862
• http://marc.info/?l=bugtraq&m=132750579901589&w=2
• http://marc.info/?l=bugtraq&m=132872385320240&w=2
• http://marc.info/?l=bugtraq&m=133365109612558&w=2
• http://marc.info/?l=bugtraq&m=133728004526190&w=2
• http://marc.info/?l=bugtraq&m=134254866602253&w=2
• http://marc.info/?l=bugtraq&m=134254957702612&w=2
• http://ekoparty.org/2011/juliano-rizzo.php
• http://eprint.iacr.org/2004/111
• http://eprint.iacr.org/2006/136
• http://isc.sans.edu/diary/SSL+TLS+part+3+/11635
• https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02
• http://vnhacker.blogspot.com/2011/09/beast.html
• http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html
• http://www.insecure.cl/Beast-SSL.rar
• https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-006
• http://technet.microsoft.com/security/bulletin/MS12-006
• http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html
• http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html
• http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html
• http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
• http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
• http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html
• http://osvdb.org/74829
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14752
• https://bugzilla.redhat.com/show_bug.cgi?id=737506
• http://rhn.redhat.com/errata/RHSA-2012-0508.html
• http://rhn.redhat.com/errata/RHSA-2013-1455.html
• http://secunia.com/advisories/45791
• http://secunia.com/advisories/47998
• http://secunia.com/advisories/48256
• http://secunia.com/advisories/48692
• http://secunia.com/advisories/48915
• http://secunia.com/advisories/48948
• http://secunia.com/advisories/49198
• http://secunia.com/advisories/55322
• http://secunia.com/advisories/55350
• http://secunia.com/advisories/55351
• http://www.securityfocus.com/bid/49388
• http://www.securityfocus.com/bid/49778
• http://www.securitytracker.com/id?1025997
• http://www.securitytracker.com/id?1026103
• http://www.securitytracker.com/id?1026704
• http://www.securitytracker.com/id/1029190
• http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html
• https://hermes.opensuse.org/messages/13154861
• https://hermes.opensuse.org/messages/13155432
• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2011-3389
• http://www.ubuntu.com/usn/USN-1263-1
• http://www.mandriva.com/security/advisories?name=MDVSA-2012:058
• http://www.redhat.com/support/errata/RHSA-2011-1384.html
• http://www.redhat.com/support/errata/RHSA-2012-0006.html
• https://github.com/mpgn/BEAST-PoC

NVD Description

Note: Versions mentioned in the description apply only to the upstream sqlite3 package and not the sqlite3 package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A Memory Leak vulnerability exists in SQLite Project SQLite3 3.35.1 and 3.37.0 via maliciously crafted SQL Queries (made via editing the Database File), it is possible to query a record, and leak subsequent bytes of memory that extend beyond the record, which could let a malicious user obtain sensitive information. NOTE: The developer disputes this as a vulnerability stating that If you give SQLite a corrupted database file and submit a query against the database, it might read parts of the database that you did not intend or expect.

Remediation

There is no fixed version for Debian:13 sqlite3.

References

• https://security-tracker.debian.org/tracker/CVE-2021-45346
• https://github.com/guyinatuxedo/sqlite3_record_leaking
• https://security.netapp.com/advisory/ntap-20220303-0001/
• https://sqlite.org/forum/forumpost/056d557c2f8c452ed5
• https://sqlite.org/forum/forumpost/53de8864ba114bf6
• https://www.sqlite.org/cves.html#status_of_recent_sqlite_cves

NVD Description

Note: Versions mentioned in the description apply only to the upstream openldap package and not the openldap package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subjectAltName (SAN). This is fixed in, for example, openldap-2.4.46-10.el8 in Red Hat Enterprise Linux.

Remediation

There is no fixed version for Debian:13 openldap.

References

• https://security-tracker.debian.org/tracker/CVE-2020-15719
• https://access.redhat.com/errata/RHBA-2019:3674
• https://bugs.openldap.org/show_bug.cgi?id=9266
• https://bugzilla.redhat.com/show_bug.cgi?id=1740070
• http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00033.html
• http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00059.html
• https://kc.mcafee.com/corporate/index?page=content&id=SB10365
• https://www.oracle.com/security-alerts/cpuapr2022.html

NVD Description

Note: Versions mentioned in the description apply only to the upstream apache2 package and not the apache2 package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's using predictable information including host IP address, system time and server process ID, which allows local users to obtain session ID's and bypass authentication when these session ID's are used for authentication.

Remediation

There is no fixed version for Debian:13 apache2.

References

• https://security-tracker.debian.org/tracker/CVE-2001-1534
• http://cert.uni-stuttgart.de/archive/bugtraq/2001/11/msg00084.html
• http://www.securityfocus.com/bid/3521
• http://www.iss.net/security_center/static/7494.php

NVD Description

Note: Versions mentioned in the description apply only to the upstream apache2 package and not the apache2 package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

CRLF injection vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks by uploading a file with a multi-line name containing HTTP header sequences and a file extension, which leads to injection within a (1) "406 Not Acceptable" or (2) "300 Multiple Choices" HTTP response when the extension is omitted in a request for the file.

Remediation

There is no fixed version for Debian:13 apache2.

References

• https://security-tracker.debian.org/tracker/CVE-2008-0456
• https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E
• http://support.apple.com/kb/HT3549
• http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
• http://www.securityfocus.com/archive/1/486847/100/0/threaded
• http://www.us-cert.gov/cas/techalerts/TA09-133A.html
• http://security.gentoo.org/glsa/glsa-200803-19.xml
• http://www.mindedsecurity.com/MSA01150108.html
• https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919@%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be@%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8@%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E
• http://rhn.redhat.com/errata/RHSA-2013-0130.html
• http://securitytracker.com/id?1019256
• http://secunia.com/advisories/29348
• http://secunia.com/advisories/35074
• http://www.securityfocus.com/bid/27409
• http://securityreason.com/securityalert/3575
• http://www.vupen.com/english/advisories/2009/1297
• https://exchange.xforce.ibmcloud.com/vulnerabilities/39893
• https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E

NVD Description

Note: Versions mentioned in the description apply only to the upstream apache2 package and not the apache2 package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, allows remote attackers to inject arbitrary text into log files via an HTTP request in conjunction with a crafted DNS response, as demonstrated by injecting XSS sequences, related to an "Inverse Lookup Log Corruption (ILLC)" issue.

Remediation

There is no fixed version for Debian:13 apache2.

References

• https://security-tracker.debian.org/tracker/CVE-2003-1581
• http://www.securityfocus.com/archive/1/313867

NVD Description

Note: Versions mentioned in the description apply only to the upstream apt package and not the apt package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.

Remediation

There is no fixed version for Debian:13 apt.

References

• https://security-tracker.debian.org/tracker/CVE-2011-3374
• https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
• https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
• https://seclists.org/fulldisclosure/2011/Sep/221
• https://snyk.io/vuln/SNYK-LINUX-APT-116518
• https://ubuntu.com/security/CVE-2011-3374
• https://access.redhat.com/security/cve/cve-2011-3374

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A vulnerability classified as problematic has been found in GNU Binutils 2.43. Affected is the function xstrdup of the file xstrdup.c of the component ld. The manipulation leads to memory leak. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The code maintainer explains: "I'm not going to commit some of the leak fixes I've been working on to the 2.44 branch due to concern that would destabilise ld. All of the reported leaks in this bugzilla have been fixed on binutils master."

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-1152
• https://sourceware.org/bugzilla/attachment.cgi?id=15887
• https://sourceware.org/bugzilla/show_bug.cgi?id=32576
• https://vuldb.com/?ctiid.295056
• https://vuldb.com/?id.295056
• https://www.gnu.org/

NVD Description

Note: Versions mentioned in the description apply only to the upstream libxml2 package and not the libxml2 package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested <include> directives. Specially crafted or overly complex schemas can cause excessive recursion during parsing. This may lead to stack exhaustion and application crashes, creating a denial-of-service risk.

Remediation

There is no fixed version for Debian:13 libxml2.

References

• https://security-tracker.debian.org/tracker/CVE-2026-0989
• https://access.redhat.com/security/cve/CVE-2026-0989
• https://bugzilla.redhat.com/show_bug.cgi?id=2429933
• https://gitlab.gnome.org/GNOME/libxml2/-/issues/998
• https://access.redhat.com/errata/RHSA-2026:7519

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A vulnerability was found in GNU Binutils 2.44 and classified as problematic. This issue affects the function process_debug_info of the file binutils/dwarf.c of the component DWARF Section Handler. The manipulation leads to memory leak. Attacking locally is a requirement. The identifier of the patch is e51fdff7d2e538c0e5accdd65649ac68e6e0ddd4. It is recommended to apply a patch to fix this issue.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-8225
• https://gitlab.com/gnutools/binutils-gdb/-/commit/e51fdff7d2e538c0e5accdd65649ac68e6e0ddd4
• https://vuldb.com/?ctiid.317813
• https://vuldb.com/?id.317813
• https://vuldb.com/?submit.621883
• https://www.gnu.org/

NVD Description

Note: Versions mentioned in the description apply only to the upstream libxml2 package and not the libxml2 package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function xmlParseSGMLCatalog of the component xmlcatalog. The manipulation leads to uncontrolled recursion. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The code maintainer explains, that "[t]he issue can only be triggered with untrusted SGML catalogs and it makes absolutely no sense to use untrusted catalogs. I also doubt that anyone is still using SGML catalogs at all."

Remediation

There is no fixed version for Debian:13 libxml2.

References

• https://security-tracker.debian.org/tracker/CVE-2025-8732
• https://drive.google.com/file/d/1woIeYVcSQB_NwfEhaVnX6MedpWJ_nqWl/view?usp=drive_link
• https://gitlab.gnome.org/GNOME/libxml2/-/issues/958
• https://gitlab.gnome.org/GNOME/libxml2/-/issues/958#note_2505853
• https://vuldb.com/?ctiid.319228
• https://vuldb.com/?id.319228
• https://vuldb.com/?submit.622285