Vulnerabilities |
184 via 816 paths |
---|---|
Dependencies |
469 |
Source |
Docker |
Target OS |
debian:13 |
high severity
- Vulnerable module: libxslt/libxslt1-dev
- Introduced through: libxslt/libxslt1-dev@1.1.35-1.2 and libxslt/libxslt1.1@1.1.35-1.2
Detailed paths
-
Introduced through: python@latest › libxslt/libxslt1-dev@1.1.35-1.2
-
Introduced through: python@latest › libxslt/libxslt1.1@1.1.35-1.2
NVD Description
Note: Versions mentioned in the description apply only to the upstream libxslt
package and not the libxslt
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key() process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may access freed memory, causing crashes or enabling attackers to trigger heap corruption.
Remediation
There is no fixed version for Debian:13
libxslt
.
References
- https://security-tracker.debian.org/tracker/CVE-2025-7425
- https://access.redhat.com/security/cve/CVE-2025-7425
- https://bugzilla.redhat.com/show_bug.cgi?id=2379274
- https://access.redhat.com/errata/RHSA-2025:12447
- https://access.redhat.com/errata/RHSA-2025:12450
- https://access.redhat.com/errata/RHSA-2025:13267
- https://access.redhat.com/errata/RHSA-2025:13313
- https://access.redhat.com/errata/RHSA-2025:13314
- https://access.redhat.com/errata/RHSA-2025:13308
- https://access.redhat.com/errata/RHSA-2025:13309
- https://access.redhat.com/errata/RHSA-2025:13310
- https://access.redhat.com/errata/RHSA-2025:13311
- https://access.redhat.com/errata/RHSA-2025:13312
- https://access.redhat.com/errata/RHSA-2025:13335
- https://access.redhat.com/errata/RHSA-2025:13464
- https://access.redhat.com/errata/RHSA-2025:13622
- https://access.redhat.com/errata/RHSA-2025:14059
- https://access.redhat.com/errata/RHSA-2025:14396
- https://gitlab.gnome.org/GNOME/libxslt/-/issues/140
high severity
- Vulnerable module: libxslt/libxslt1-dev
- Introduced through: libxslt/libxslt1-dev@1.1.35-1.2 and libxslt/libxslt1.1@1.1.35-1.2
- Fixed in: 1.1.35-1.2+deb13u1
Detailed paths
-
Introduced through: python@latest › libxslt/libxslt1-dev@1.1.35-1.2
-
Introduced through: python@latest › libxslt/libxslt1.1@1.1.35-1.2
NVD Description
Note: Versions mentioned in the description apply only to the upstream libxslt
package and not the libxslt
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
A flaw was found in the libxslt library. The same memory field, psvi, is used for both stylesheet and input data, which can lead to type confusion during XML transformations. This vulnerability allows an attacker to crash the application or corrupt memory. In some cases, it may lead to denial of service or unexpected behavior.
Remediation
Upgrade Debian:13
libxslt
to version 1.1.35-1.2+deb13u1 or higher.
References
medium severity
- Vulnerable module: libxslt/libxslt1-dev
- Introduced through: libxslt/libxslt1-dev@1.1.35-1.2 and libxslt/libxslt1.1@1.1.35-1.2
- Fixed in: 1.1.35-1.2+deb13u1
Detailed paths
-
Introduced through: python@latest › libxslt/libxslt1-dev@1.1.35-1.2
-
Introduced through: python@latest › libxslt/libxslt1.1@1.1.35-1.2
NVD Description
Note: Versions mentioned in the description apply only to the upstream libxslt
package and not the libxslt
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tvOS 17, iOS 16.7 and iPadOS 16.7, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. Processing web content may disclose sensitive information.
Remediation
Upgrade Debian:13
libxslt
to version 1.1.35-1.2+deb13u1 or higher.
References
- https://security-tracker.debian.org/tracker/CVE-2023-40403
- http://seclists.org/fulldisclosure/2023/Oct/10
- http://seclists.org/fulldisclosure/2023/Oct/3
- http://seclists.org/fulldisclosure/2023/Oct/4
- http://seclists.org/fulldisclosure/2023/Oct/5
- http://seclists.org/fulldisclosure/2023/Oct/6
- http://seclists.org/fulldisclosure/2023/Oct/8
- http://seclists.org/fulldisclosure/2023/Oct/9
- https://support.apple.com/en-us/HT213927
- https://support.apple.com/en-us/HT213931
- https://support.apple.com/en-us/HT213932
- https://support.apple.com/en-us/HT213936
- https://support.apple.com/en-us/HT213937
- https://support.apple.com/en-us/HT213938
- https://support.apple.com/en-us/HT213940
medium severity
new
- Vulnerable module: imagemagick
- Introduced through: imagemagick@8:7.1.1.43+dfsg1-1, imagemagick/imagemagick-7-common@8:7.1.1.43+dfsg1-1 and others
Detailed paths
-
Introduced through: python@latest › imagemagick@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/imagemagick-7-common@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/imagemagick-7.q16@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7-arch-config@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7-headers@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-10@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-10-extra@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7-headers@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7.q16-10@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7.q16-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-dev@8:7.1.1.43+dfsg1-1
NVD Description
Note: Versions mentioned in the description apply only to the upstream imagemagick
package and not the imagemagick
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-1, ImageMagick is vulnerable to heap-buffer overflow read around the handling of images with separate alpha channels when performing image magnification in ReadOneMNGIMage. This can likely be used to leak subsequent memory contents into the output image. This issue has been patched in version 7.1.2-1.
Remediation
There is no fixed version for Debian:13
imagemagick
.
References
low severity
- Vulnerable module: glibc/libc-bin
- Introduced through: glibc/libc-bin@2.41-12, glibc/libc-dev-bin@2.41-12 and others
Detailed paths
-
Introduced through: python@latest › glibc/libc-bin@2.41-12
-
Introduced through: python@latest › glibc/libc-dev-bin@2.41-12
-
Introduced through: python@latest › glibc/libc6@2.41-12
-
Introduced through: python@latest › glibc/libc6-dev@2.41-12
NVD Description
Note: Versions mentioned in the description apply only to the upstream glibc
package and not the glibc
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat.
Remediation
There is no fixed version for Debian:13
glibc
.
References
low severity
- Vulnerable module: imagemagick
- Introduced through: imagemagick@8:7.1.1.43+dfsg1-1, imagemagick/imagemagick-7-common@8:7.1.1.43+dfsg1-1 and others
Detailed paths
-
Introduced through: python@latest › imagemagick@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/imagemagick-7-common@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/imagemagick-7.q16@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7-arch-config@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7-headers@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-10@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-10-extra@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7-headers@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7.q16-10@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7.q16-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-dev@8:7.1.1.43+dfsg1-1
NVD Description
Note: Versions mentioned in the description apply only to the upstream imagemagick
package and not the imagemagick
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
A vulnerability was found in ImageMagick. This security flaw cause a remote code execution vulnerability in OpenBlob with --enable-pipes configured.
Remediation
There is no fixed version for Debian:13
imagemagick
.
References
- https://security-tracker.debian.org/tracker/CVE-2023-34152
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V2ZUHZXQ2C3JZYKPW4XHCMVVL467MA2V/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/
- https://access.redhat.com/security/cve/CVE-2023-34152
- https://bugzilla.redhat.com/show_bug.cgi?id=2210659
- https://github.com/ImageMagick/ImageMagick/issues/6339
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V2ZUHZXQ2C3JZYKPW4XHCMVVL467MA2V/
low severity
- Vulnerable module: imagemagick
- Introduced through: imagemagick@8:7.1.1.43+dfsg1-1, imagemagick/imagemagick-7-common@8:7.1.1.43+dfsg1-1 and others
Detailed paths
-
Introduced through: python@latest › imagemagick@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/imagemagick-7-common@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/imagemagick-7.q16@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7-arch-config@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7-headers@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-10@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-10-extra@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7-headers@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7.q16-10@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7.q16-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-dev@8:7.1.1.43+dfsg1-1
NVD Description
Note: Versions mentioned in the description apply only to the upstream imagemagick
package and not the imagemagick
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to 7.1.2-0 and 6.9.13-26 have a heap buffer overflow in the InterpretImageFilename
function. The issue stems from an off-by-one error that causes out-of-bounds memory access when processing format strings containing consecutive percent signs (%%
). Versions 7.1.2-0 and 6.9.13-26 fix the issue.
Remediation
There is no fixed version for Debian:13
imagemagick
.
References
low severity
- Vulnerable module: tar
- Introduced through: tar@1.35+dfsg-3.1
Detailed paths
-
Introduced through: python@latest › tar@1.35+dfsg-3.1
NVD Description
Note: Versions mentioned in the description apply only to the upstream tar
package and not the tar
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges.
Remediation
There is no fixed version for Debian:13
tar
.
References
- https://security-tracker.debian.org/tracker/CVE-2005-2541
- http://marc.info/?l=bugtraq&m=112327628230258&w=2
- https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E
- https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c%40%3Cissues.guacamole.apache.org%3E
low severity
- Vulnerable module: tiff/libtiff-dev
- Introduced through: tiff/libtiff-dev@4.7.0-3, tiff/libtiff6@4.7.0-3 and others
Detailed paths
-
Introduced through: python@latest › tiff/libtiff-dev@4.7.0-3
-
Introduced through: python@latest › tiff/libtiff6@4.7.0-3
-
Introduced through: python@latest › tiff/libtiffxx6@4.7.0-3
NVD Description
Note: Versions mentioned in the description apply only to the upstream tiff
package and not the tiff
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
In LibTIFF 4.0.6 and possibly other versions, the program processes BMP images without verifying that biWidth and biHeight in the bitmap-information header match the actual input, as demonstrated by a heap-based buffer over-read in bmp2tiff. NOTE: mentioning bmp2tiff does not imply that the activation point is in the bmp2tiff.c file (which was removed before the 4.0.7 release).
Remediation
There is no fixed version for Debian:13
tiff
.
References
low severity
- Vulnerable module: glibc/libc-bin
- Introduced through: glibc/libc-bin@2.41-12, glibc/libc-dev-bin@2.41-12 and others
Detailed paths
-
Introduced through: python@latest › glibc/libc-bin@2.41-12
-
Introduced through: python@latest › glibc/libc-dev-bin@2.41-12
-
Introduced through: python@latest › glibc/libc6@2.41-12
-
Introduced through: python@latest › glibc/libc6-dev@2.41-12
NVD Description
Note: Versions mentioned in the description apply only to the upstream glibc
package and not the glibc
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat.
Remediation
There is no fixed version for Debian:13
glibc
.
References
- https://security-tracker.debian.org/tracker/CVE-2019-1010023
- https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS
- https://sourceware.org/bugzilla/show_bug.cgi?id=22851
- http://www.securityfocus.com/bid/109167
- https://ubuntu.com/security/CVE-2019-1010023
- https://support.f5.com/csp/article/K11932200?utm_source=f5support&%3Butm_medium=RSS
low severity
- Vulnerable module: libwmf/libwmf-0.2-7
- Introduced through: libwmf/libwmf-0.2-7@0.2.13-1.1+b3, libwmf/libwmf-dev@0.2.13-1.1+b3 and others
Detailed paths
-
Introduced through: python@latest › libwmf/libwmf-0.2-7@0.2.13-1.1+b3
-
Introduced through: python@latest › libwmf/libwmf-dev@0.2.13-1.1+b3
-
Introduced through: python@latest › libwmf/libwmflite-0.2-7@0.2.13-1.1+b3
NVD Description
Note: Versions mentioned in the description apply only to the upstream libwmf
package and not the libwmf
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.x before 5.3.1, and the GD Graphics Library 2.x, does not properly verify a certain colorsTotal structure member, which might allow remote attackers to conduct buffer overflow or buffer over-read attacks via a crafted GD file, a different vulnerability than CVE-2009-3293. NOTE: some of these details are obtained from third party information.
Remediation
There is no fixed version for Debian:13
libwmf
.
References
- https://security-tracker.debian.org/tracker/CVE-2009-3546
- http://marc.info/?l=oss-security&m=125562113503923&w=2
- http://svn.php.net/viewvc?view=revision&revision=289557
- http://www.vupen.com/english/advisories/2009/2929
- http://www.vupen.com/english/advisories/2009/2930
- http://www.openwall.com/lists/oss-security/2009/11/20/5
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11199
- http://secunia.com/advisories/37069
- http://secunia.com/advisories/37080
- http://secunia.com/advisories/38055
- http://www.securityfocus.com/bid/36712
- https://access.redhat.com/errata/RHSA-2010:0003
- https://access.redhat.com/errata/RHSA-2010:0040
- https://access.redhat.com/security/cve/CVE-2009-3546
- https://bugzilla.redhat.com/show_bug.cgi?id=529213
- http://www.mandriva.com/security/advisories?name=MDVSA-2009:285
- http://www.redhat.com/support/errata/RHSA-2010-0003.html
low severity
- Vulnerable module: openjpeg2/libopenjp2-7
- Introduced through: openjpeg2/libopenjp2-7@2.5.3-2 and openjpeg2/libopenjp2-7-dev@2.5.3-2
Detailed paths
-
Introduced through: python@latest › openjpeg2/libopenjp2-7@2.5.3-2
-
Introduced through: python@latest › openjpeg2/libopenjp2-7-dev@2.5.3-2
NVD Description
Note: Versions mentioned in the description apply only to the upstream openjpeg2
package and not the openjpeg2
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
An integer overflow vulnerability was found in tiftoimage function in openjpeg 2.1.2, resulting in heap buffer overflow.
Remediation
There is no fixed version for Debian:13
openjpeg2
.
References
- https://security-tracker.debian.org/tracker/CVE-2016-9580
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9580
- https://security.gentoo.org/glsa/201710-26
- https://github.com/szukw000/openjpeg/commit/cadff5fb6e73398de26a92e96d3d7cac893af255
- https://github.com/uclouvain/openjpeg/issues/871
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9580
- http://www.securityfocus.com/bid/94822
low severity
- Vulnerable module: openjpeg2/libopenjp2-7
- Introduced through: openjpeg2/libopenjp2-7@2.5.3-2 and openjpeg2/libopenjp2-7-dev@2.5.3-2
Detailed paths
-
Introduced through: python@latest › openjpeg2/libopenjp2-7@2.5.3-2
-
Introduced through: python@latest › openjpeg2/libopenjp2-7-dev@2.5.3-2
NVD Description
Note: Versions mentioned in the description apply only to the upstream openjpeg2
package and not the openjpeg2
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
An infinite loop vulnerability in tiftoimage that results in heap buffer overflow in convert_32s_C1P1 was found in openjpeg 2.1.2.
Remediation
There is no fixed version for Debian:13
openjpeg2
.
References
- https://security-tracker.debian.org/tracker/CVE-2016-9581
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9581
- https://security.gentoo.org/glsa/201710-26
- https://github.com/szukw000/openjpeg/commit/cadff5fb6e73398de26a92e96d3d7cac893af255
- https://github.com/uclouvain/openjpeg/issues/872
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9581
- http://www.securityfocus.com/bid/94822
low severity
- Vulnerable module: openjpeg2/libopenjp2-7
- Introduced through: openjpeg2/libopenjp2-7@2.5.3-2 and openjpeg2/libopenjp2-7-dev@2.5.3-2
Detailed paths
-
Introduced through: python@latest › openjpeg2/libopenjp2-7@2.5.3-2
-
Introduced through: python@latest › openjpeg2/libopenjp2-7-dev@2.5.3-2
NVD Description
Note: Versions mentioned in the description apply only to the upstream openjpeg2
package and not the openjpeg2
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
An issue was discovered in OpenJPEG 2.3.0. A heap-based buffer overflow was discovered in the function t2_encode_packet in lib/openmj2/t2.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly unspecified other impact.
Remediation
There is no fixed version for Debian:13
openjpeg2
.
References
low severity
- Vulnerable module: tiff/libtiff-dev
- Introduced through: tiff/libtiff-dev@4.7.0-3, tiff/libtiff6@4.7.0-3 and others
Detailed paths
-
Introduced through: python@latest › tiff/libtiff-dev@4.7.0-3
-
Introduced through: python@latest › tiff/libtiff6@4.7.0-3
-
Introduced through: python@latest › tiff/libtiffxx6@4.7.0-3
NVD Description
Note: Versions mentioned in the description apply only to the upstream tiff
package and not the tiff
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
LibTIFF version 4.0.7 is vulnerable to a heap-based buffer over-read in tif_lzw.c resulting in DoS or code execution via a crafted bmp image to tools/bmp2tiff.
Remediation
There is no fixed version for Debian:13
tiff
.
References
low severity
- Vulnerable module: tiff/libtiff-dev
- Introduced through: tiff/libtiff-dev@4.7.0-3, tiff/libtiff6@4.7.0-3 and others
Detailed paths
-
Introduced through: python@latest › tiff/libtiff-dev@4.7.0-3
-
Introduced through: python@latest › tiff/libtiff6@4.7.0-3
-
Introduced through: python@latest › tiff/libtiffxx6@4.7.0-3
NVD Description
Note: Versions mentioned in the description apply only to the upstream tiff
package and not the tiff
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
In LibTIFF 4.0.8, there is a heap-based use-after-free in the t2p_writeproc function in tiff2pdf.c. NOTE: there is a third-party report of inability to reproduce this issue
Remediation
There is no fixed version for Debian:13
tiff
.
References
low severity
- Vulnerable module: bluez/libbluetooth-dev
- Introduced through: bluez/libbluetooth-dev@5.82-1.1 and bluez/libbluetooth3@5.82-1.1
Detailed paths
-
Introduced through: python@latest › bluez/libbluetooth-dev@5.82-1.1
-
Introduced through: python@latest › bluez/libbluetooth3@5.82-1.1
NVD Description
Note: Versions mentioned in the description apply only to the upstream bluez
package and not the bluez
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
BlueZ Audio Profile AVRCP Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious device.
The specific flaw exists within the handling of the AVRCP protocol. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19909.
Remediation
There is no fixed version for Debian:13
bluez
.
References
low severity
- Vulnerable module: binutils
- Introduced through: binutils@2.44-3, binutils/binutils-common@2.44-3 and others
Detailed paths
-
Introduced through: python@latest › binutils@2.44-3
-
Introduced through: python@latest › binutils/binutils-common@2.44-3
-
Introduced through: python@latest › binutils/binutils-x86-64-linux-gnu@2.44-3
-
Introduced through: python@latest › binutils/libbinutils@2.44-3
-
Introduced through: python@latest › binutils/libctf-nobfd0@2.44-3
-
Introduced through: python@latest › binutils/libctf0@2.44-3
-
Introduced through: python@latest › binutils/libgprofng0@2.44-3
-
Introduced through: python@latest › binutils/libsframe1@2.44-3
NVD Description
Note: Versions mentioned in the description apply only to the upstream binutils
package and not the binutils
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
A vulnerability, which was classified as problematic, has been found in GNU Binutils 2.45. Affected by this issue is the function bfd_elf_set_group_contents of the file bfd/elf.c. The manipulation leads to out-of-bounds write. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The name of the patch is 41461010eb7c79fee7a9d5f6209accdaac66cc6b. It is recommended to apply a patch to fix this issue.
Remediation
There is no fixed version for Debian:13
binutils
.
References
- https://security-tracker.debian.org/tracker/CVE-2025-7546
- https://sourceware.org/bugzilla/attachment.cgi?id=16118
- https://sourceware.org/bugzilla/show_bug.cgi?id=33050#c2
- https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=41461010eb7c79fee7a9d5f6209accdaac66cc6b
- https://vuldb.com/?ctiid.316244
- https://vuldb.com/?id.316244
- https://vuldb.com/?submit.614375
- https://www.gnu.org/
- https://sourceware.org/bugzilla/show_bug.cgi?id=33050
low severity
- Vulnerable module: binutils
- Introduced through: binutils@2.44-3, binutils/binutils-common@2.44-3 and others
Detailed paths
-
Introduced through: python@latest › binutils@2.44-3
-
Introduced through: python@latest › binutils/binutils-common@2.44-3
-
Introduced through: python@latest › binutils/binutils-x86-64-linux-gnu@2.44-3
-
Introduced through: python@latest › binutils/libbinutils@2.44-3
-
Introduced through: python@latest › binutils/libctf-nobfd0@2.44-3
-
Introduced through: python@latest › binutils/libctf0@2.44-3
-
Introduced through: python@latest › binutils/libgprofng0@2.44-3
-
Introduced through: python@latest › binutils/libsframe1@2.44-3
NVD Description
Note: Versions mentioned in the description apply only to the upstream binutils
package and not the binutils
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
A vulnerability classified as problematic was found in GNU Binutils 2.45. Affected by this vulnerability is the function copy_section of the file binutils/objcopy.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The patch is named 08c3cbe5926e4d355b5cb70bbec2b1eeb40c2944. It is recommended to apply a patch to fix this issue.
Remediation
There is no fixed version for Debian:13
binutils
.
References
- https://security-tracker.debian.org/tracker/CVE-2025-7545
- https://sourceware.org/bugzilla/attachment.cgi?id=16117
- https://sourceware.org/bugzilla/show_bug.cgi?id=33049
- https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=08c3cbe5926e4d355b5cb70bbec2b1eeb40c2944
- https://vuldb.com/?ctiid.316243
- https://vuldb.com/?id.316243
- https://vuldb.com/?submit.614355
- https://www.gnu.org/
- https://sourceware.org/bugzilla/show_bug.cgi?id=33049#c1
low severity
- Vulnerable module: tcl8.6
- Introduced through: tcl8.6@8.6.16+dfsg-1, tcl8.6/libtcl8.6@8.6.16+dfsg-1 and others
Detailed paths
-
Introduced through: python@latest › tcl8.6@8.6.16+dfsg-1
-
Introduced through: python@latest › tcl8.6/libtcl8.6@8.6.16+dfsg-1
-
Introduced through: python@latest › tcl8.6/tcl8.6-dev@8.6.16+dfsg-1
NVD Description
Note: Versions mentioned in the description apply only to the upstream tcl8.6
package and not the tcl8.6
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
In Tcl 8.6.11, a format string vulnerability in nmakehlp.c might allow code execution via a crafted file. NOTE: multiple third parties dispute the significance of this finding
Remediation
There is no fixed version for Debian:13
tcl8.6
.
References
low severity
- Vulnerable module: bluez/libbluetooth-dev
- Introduced through: bluez/libbluetooth-dev@5.82-1.1 and bluez/libbluetooth3@5.82-1.1
Detailed paths
-
Introduced through: python@latest › bluez/libbluetooth-dev@5.82-1.1
-
Introduced through: python@latest › bluez/libbluetooth3@5.82-1.1
NVD Description
Note: Versions mentioned in the description apply only to the upstream bluez
package and not the bluez
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
In BlueZ 5.42, a buffer overflow was observed in "read_n" function in "tools/hcidump.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.
Remediation
There is no fixed version for Debian:13
bluez
.
References
low severity
- Vulnerable module: bluez/libbluetooth-dev
- Introduced through: bluez/libbluetooth-dev@5.82-1.1 and bluez/libbluetooth3@5.82-1.1
Detailed paths
-
Introduced through: python@latest › bluez/libbluetooth-dev@5.82-1.1
-
Introduced through: python@latest › bluez/libbluetooth3@5.82-1.1
NVD Description
Note: Versions mentioned in the description apply only to the upstream bluez
package and not the bluez
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
In BlueZ 5.42, an out-of-bounds read was identified in "packet_hexdump" function in "monitor/packet.c" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.
Remediation
There is no fixed version for Debian:13
bluez
.
References
low severity
- Vulnerable module: git
- Introduced through: git@1:2.47.2-0.2 and git/git-man@1:2.47.2-0.2
Detailed paths
-
Introduced through: python@latest › git@1:2.47.2-0.2
-
Introduced through: python@latest › git/git-man@1:2.47.2-0.2
NVD Description
Note: Versions mentioned in the description apply only to the upstream git
package and not the git
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
The --mirror documentation for Git through 2.35.1 does not mention the availability of deleted content, aka the "GitBleed" issue. This could present a security risk if information-disclosure auditing processes rely on a clone operation without the --mirror option. Note: This has been disputed by multiple 3rd parties who believe this is an intended feature of the git binary and does not pose a security risk.
Remediation
There is no fixed version for Debian:13
git
.
References
- https://security-tracker.debian.org/tracker/CVE-2022-24975
- https://lore.kernel.org/git/xmqq4k14qe9g.fsf%40gitster.g/
- https://github.com/git/git/blob/2dc94da3744bfbbf145eca587a0f5ff480cc5867/Documentation/git-clone.txt#L185-L191
- https://www.aquasec.com/blog/undetected-hard-code-secrets-expose-corporations/
- https://wwws.nightwatchcybersecurity.com/2022/02/11/gitbleed/
low severity
- Vulnerable module: glibc/libc-bin
- Introduced through: glibc/libc-bin@2.41-12, glibc/libc-dev-bin@2.41-12 and others
Detailed paths
-
Introduced through: python@latest › glibc/libc-bin@2.41-12
-
Introduced through: python@latest › glibc/libc-dev-bin@2.41-12
-
Introduced through: python@latest › glibc/libc6@2.41-12
-
Introduced through: python@latest › glibc/libc6-dev@2.41-12
NVD Description
Note: Versions mentioned in the description apply only to the upstream glibc
package and not the glibc
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\227|)(\1\1|t1|\\2537)+' in grep.
Remediation
There is no fixed version for Debian:13
glibc
.
References
- https://security-tracker.debian.org/tracker/CVE-2018-20796
- https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS
- https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141
- https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html
- https://security.netapp.com/advisory/ntap-20190315-0002/
- http://www.securityfocus.com/bid/107160
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-20796
- https://support.f5.com/csp/article/K26346590?utm_source=f5support&%3Butm_medium=RSS
low severity
- Vulnerable module: glibc/libc-bin
- Introduced through: glibc/libc-bin@2.41-12, glibc/libc-dev-bin@2.41-12 and others
Detailed paths
-
Introduced through: python@latest › glibc/libc-bin@2.41-12
-
Introduced through: python@latest › glibc/libc-dev-bin@2.41-12
-
Introduced through: python@latest › glibc/libc6@2.41-12
-
Introduced through: python@latest › glibc/libc6-dev@2.41-12
NVD Description
Note: Versions mentioned in the description apply only to the upstream glibc
package and not the glibc
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\1\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern
Remediation
There is no fixed version for Debian:13
glibc
.
References
- https://security-tracker.debian.org/tracker/CVE-2019-9192
- https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS
- https://sourceware.org/bugzilla/show_bug.cgi?id=24269
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2019-9192
- https://support.f5.com/csp/article/K26346590?utm_source=f5support&%3Butm_medium=RSS
low severity
- Vulnerable module: jansson/libjansson4
- Introduced through: jansson/libjansson4@2.14-2+b3
Detailed paths
-
Introduced through: python@latest › jansson/libjansson4@2.14-2+b3
NVD Description
Note: Versions mentioned in the description apply only to the upstream jansson
package and not the jansson
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
An issue was discovered in Jansson through 2.13.1. Due to a parsing error in json_loads, there's an out-of-bounds read-access bug. NOTE: the vendor reports that this only occurs when a programmer fails to follow the API specification
Remediation
There is no fixed version for Debian:13
jansson
.
References
low severity
- Vulnerable module: krb5/krb5-multidev
- Introduced through: krb5/krb5-multidev@1.21.3-5, krb5/libgssapi-krb5-2@1.21.3-5 and others
Detailed paths
-
Introduced through: python@latest › krb5/krb5-multidev@1.21.3-5
-
Introduced through: python@latest › krb5/libgssapi-krb5-2@1.21.3-5
-
Introduced through: python@latest › krb5/libgssrpc4t64@1.21.3-5
-
Introduced through: python@latest › krb5/libk5crypto3@1.21.3-5
-
Introduced through: python@latest › krb5/libkadm5clnt-mit12@1.21.3-5
-
Introduced through: python@latest › krb5/libkadm5srv-mit12@1.21.3-5
-
Introduced through: python@latest › krb5/libkdb5-10t64@1.21.3-5
-
Introduced through: python@latest › krb5/libkrb5-3@1.21.3-5
-
Introduced through: python@latest › krb5/libkrb5-dev@1.21.3-5
-
Introduced through: python@latest › krb5/libkrb5support0@1.21.3-5
NVD Description
Note: Versions mentioned in the description apply only to the upstream krb5
package and not the krb5
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.
Remediation
There is no fixed version for Debian:13
krb5
.
References
- https://security-tracker.debian.org/tracker/CVE-2018-5709
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709
- https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow
- https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-5709
- https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E
low severity
- Vulnerable module: libgcrypt20
- Introduced through: libgcrypt20@1.11.0-7
Detailed paths
-
Introduced through: python@latest › libgcrypt20@1.11.0-7
NVD Description
Note: Versions mentioned in the description apply only to the upstream libgcrypt20
package and not the libgcrypt20
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for Libgcrypt's ElGamal implementation.
Remediation
There is no fixed version for Debian:13
libgcrypt20
.
References
- https://security-tracker.debian.org/tracker/CVE-2018-6829
- https://github.com/weikengchen/attack-on-libgcrypt-elgamal
- https://github.com/weikengchen/attack-on-libgcrypt-elgamal/wiki
- https://lists.gnupg.org/pipermail/gcrypt-devel/2018-February/004394.html
- https://www.oracle.com/security-alerts/cpujan2020.html
low severity
- Vulnerable module: openjpeg2/libopenjp2-7
- Introduced through: openjpeg2/libopenjp2-7@2.5.3-2 and openjpeg2/libopenjp2-7-dev@2.5.3-2
Detailed paths
-
Introduced through: python@latest › openjpeg2/libopenjp2-7@2.5.3-2
-
Introduced through: python@latest › openjpeg2/libopenjp2-7-dev@2.5.3-2
NVD Description
Note: Versions mentioned in the description apply only to the upstream openjpeg2
package and not the openjpeg2
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
There is a NULL Pointer Access in function imagetopnm of convert.c:1943(jp2) of OpenJPEG 2.1.2. image->comps[compno].data is not assigned a value after initialization(NULL). Impact is Denial of Service.
Remediation
There is no fixed version for Debian:13
openjpeg2
.
References
low severity
- Vulnerable module: openjpeg2/libopenjp2-7
- Introduced through: openjpeg2/libopenjp2-7@2.5.3-2 and openjpeg2/libopenjp2-7-dev@2.5.3-2
Detailed paths
-
Introduced through: python@latest › openjpeg2/libopenjp2-7@2.5.3-2
-
Introduced through: python@latest › openjpeg2/libopenjp2-7-dev@2.5.3-2
NVD Description
Note: Versions mentioned in the description apply only to the upstream openjpeg2
package and not the openjpeg2
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
There is a NULL pointer dereference in function imagetobmp of convertbmp.c:980 of OpenJPEG 2.1.2. image->comps[0].data is not assigned a value after initialization(NULL). Impact is Denial of Service.
Remediation
There is no fixed version for Debian:13
openjpeg2
.
References
low severity
- Vulnerable module: openldap/libldap-dev
- Introduced through: openldap/libldap-dev@2.6.10+dfsg-1 and openldap/libldap2@2.6.10+dfsg-1
Detailed paths
-
Introduced through: python@latest › openldap/libldap-dev@2.6.10+dfsg-1
-
Introduced through: python@latest › openldap/libldap2@2.6.10+dfsg-1
NVD Description
Note: Versions mentioned in the description apply only to the upstream openldap
package and not the openldap
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors.
Remediation
There is no fixed version for Debian:13
openldap
.
References
- https://security-tracker.debian.org/tracker/CVE-2015-3276
- http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
- https://bugzilla.redhat.com/show_bug.cgi?id=1238322
- http://rhn.redhat.com/errata/RHSA-2015-2131.html
- http://www.securitytracker.com/id/1034221
- https://access.redhat.com/errata/RHSA-2015:2131
- https://access.redhat.com/security/cve/CVE-2015-3276
low severity
- Vulnerable module: openldap/libldap-dev
- Introduced through: openldap/libldap-dev@2.6.10+dfsg-1 and openldap/libldap2@2.6.10+dfsg-1
Detailed paths
-
Introduced through: python@latest › openldap/libldap-dev@2.6.10+dfsg-1
-
Introduced through: python@latest › openldap/libldap2@2.6.10+dfsg-1
NVD Description
Note: Versions mentioned in the description apply only to the upstream openldap
package and not the openldap
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation.
Remediation
There is no fixed version for Debian:13
openldap
.
References
- https://security-tracker.debian.org/tracker/CVE-2017-17740
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17740
- http://www.openldap.org/its/index.cgi/Incoming?id=8759
- http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00053.html
- http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00058.html
- https://kc.mcafee.com/corporate/index?page=content&id=SB10365
- https://www.oracle.com/security-alerts/cpuapr2022.html
low severity
- Vulnerable module: patch
- Introduced through: patch@2.8-2
Detailed paths
-
Introduced through: python@latest › patch@2.8-2
NVD Description
Note: Versions mentioned in the description apply only to the upstream patch
package and not the patch
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6.
Remediation
There is no fixed version for Debian:13
patch
.
References
- https://security-tracker.debian.org/tracker/CVE-2018-6952
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6952
- https://security.gentoo.org/glsa/201904-17
- https://savannah.gnu.org/bugs/index.php?53133
- https://access.redhat.com/errata/RHSA-2019:2033
- http://www.securityfocus.com/bid/103047
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-6952
low severity
- Vulnerable module: patch
- Introduced through: patch@2.8-2
Detailed paths
-
Introduced through: python@latest › patch@2.8-2
NVD Description
Note: Versions mentioned in the description apply only to the upstream patch
package and not the patch
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
An issue was discovered in GNU patch through 2.7.6. There is a segmentation fault, associated with a NULL pointer dereference, leading to a denial of service in the intuit_diff_type function in pch.c, aka a "mangled rename" issue.
Remediation
There is no fixed version for Debian:13
patch
.
References
- https://security-tracker.debian.org/tracker/CVE-2018-6951
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6951
- https://security.gentoo.org/glsa/201904-17
- https://git.savannah.gnu.org/cgit/patch.git/commit/?id=f290f48a621867084884bfff87f8093c15195e6a
- https://savannah.gnu.org/bugs/index.php?53132
- http://www.securityfocus.com/bid/103044
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-6951
- https://usn.ubuntu.com/3624-1/
low severity
- Vulnerable module: tiff/libtiff-dev
- Introduced through: tiff/libtiff-dev@4.7.0-3, tiff/libtiff6@4.7.0-3 and others
Detailed paths
-
Introduced through: python@latest › tiff/libtiff-dev@4.7.0-3
-
Introduced through: python@latest › tiff/libtiff6@4.7.0-3
-
Introduced through: python@latest › tiff/libtiffxx6@4.7.0-3
NVD Description
Note: Versions mentioned in the description apply only to the upstream tiff
package and not the tiff
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
LibTIFF 4.0.8 has multiple memory leak vulnerabilities, which allow attackers to cause a denial of service (memory consumption), as demonstrated by tif_open.c, tif_lzw.c, and tif_aux.c. NOTE: Third parties were unable to reproduce the issue
Remediation
There is no fixed version for Debian:13
tiff
.
References
- https://security-tracker.debian.org/tracker/CVE-2017-16232
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16232
- http://packetstormsecurity.com/files/150896/LibTIFF-4.0.8-Memory-Leak.html
- http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00036.html
- http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00041.html
- http://www.openwall.com/lists/oss-security/2017/11/01/11
- http://www.openwall.com/lists/oss-security/2017/11/01/3
- http://www.openwall.com/lists/oss-security/2017/11/01/7
- http://www.openwall.com/lists/oss-security/2017/11/01/8
- http://seclists.org/fulldisclosure/2018/Dec/32
- http://seclists.org/fulldisclosure/2018/Dec/47
- http://www.securityfocus.com/bid/101696
low severity
- Vulnerable module: openssh/openssh-client
- Introduced through: openssh/openssh-client@1:10.0p1-7
Detailed paths
-
Introduced through: python@latest › openssh/openssh-client@1:10.0p1-7
NVD Description
Note: Versions mentioned in the description apply only to the upstream openssh
package and not the openssh
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfers" because that could "stand a great chance of breaking existing workflows."
Remediation
There is no fixed version for Debian:13
openssh
.
References
- https://security-tracker.debian.org/tracker/CVE-2020-15778
- https://security.netapp.com/advisory/ntap-20200731-0007/
- https://github.com/cpandya2909/CVE-2020-15778/
- https://news.ycombinator.com/item?id=25005567
- https://www.openssh.com/security.html
- https://github.com/cpandya2909/CVE-2020-15778#example
- https://access.redhat.com/errata/RHSA-2024:3166
- https://security.gentoo.org/glsa/202212-06
- https://github.com/Neko-chanQwQ/CVE-2020-15778-Exploit
low severity
- Vulnerable module: m4
- Introduced through: m4@1.4.19-8
Detailed paths
-
Introduced through: python@latest › m4@1.4.19-8
NVD Description
Note: Versions mentioned in the description apply only to the upstream m4
package and not the m4
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
The (1) maketemp and (2) mkstemp builtin functions in GNU m4 before 1.4.11 do not quote their output when a file is created, which might allow context-dependent attackers to trigger a macro expansion, leading to unspecified use of an incorrect filename.
Remediation
There is no fixed version for Debian:13
m4
.
References
- https://security-tracker.debian.org/tracker/CVE-2008-1687
- http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.510612
- http://www.vupen.com/english/advisories/2008/1151/references
- http://xforce.iss.net/xforce/xfdb/41706
- http://www.openwall.com/lists/oss-security/2008/04/07/1
- http://www.openwall.com/lists/oss-security/2008/04/07/12
- http://www.openwall.com/lists/oss-security/2008/04/07/3
- http://www.openwall.com/lists/oss-security/2008/04/07/4
- http://secunia.com/advisories/29671
- http://secunia.com/advisories/29729
- http://www.securityfocus.com/bid/28688
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41706
low severity
- Vulnerable module: m4
- Introduced through: m4@1.4.19-8
Detailed paths
-
Introduced through: python@latest › m4@1.4.19-8
NVD Description
Note: Versions mentioned in the description apply only to the upstream m4
package and not the m4
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
Unspecified vulnerability in GNU m4 before 1.4.11 might allow context-dependent attackers to execute arbitrary code, related to improper handling of filenames specified with the -F option. NOTE: it is not clear when this issue crosses privilege boundaries.
Remediation
There is no fixed version for Debian:13
m4
.
References
- https://security-tracker.debian.org/tracker/CVE-2008-1688
- http://osvdb.org/44272
- http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.510612
- http://www.vupen.com/english/advisories/2008/1151/references
- http://xforce.iss.net/xforce/xfdb/41704
- http://www.openwall.com/lists/oss-security/2008/04/07/1
- http://www.openwall.com/lists/oss-security/2008/04/07/3
- http://secunia.com/advisories/29671
- http://secunia.com/advisories/29729
- http://www.securityfocus.com/bid/28688
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41704
low severity
- Vulnerable module: openssh/openssh-client
- Introduced through: openssh/openssh-client@1:10.0p1-7
Detailed paths
-
Introduced through: python@latest › openssh/openssh-client@1:10.0p1-7
NVD Description
Note: Versions mentioned in the description apply only to the upstream openssh
package and not the openssh
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.
Remediation
There is no fixed version for Debian:13
openssh
.
References
- https://security-tracker.debian.org/tracker/CVE-2023-51767
- https://access.redhat.com/security/cve/CVE-2023-51767
- https://arxiv.org/abs/2309.02545
- https://bugzilla.redhat.com/show_bug.cgi?id=2255850
- https://github.com/openssh/openssh-portable/blob/8241b9c0529228b4b86d88b1a6076fb9f97e4a99/auth-passwd.c#L77
- https://github.com/openssh/openssh-portable/blob/8241b9c0529228b4b86d88b1a6076fb9f97e4a99/monitor.c#L878
- https://security.netapp.com/advisory/ntap-20240125-0006/
- https://ubuntu.com/security/CVE-2023-51767
low severity
- Vulnerable module: openssh/openssh-client
- Introduced through: openssh/openssh-client@1:10.0p1-7
Detailed paths
-
Introduced through: python@latest › openssh/openssh-client@1:10.0p1-7
NVD Description
Note: Versions mentioned in the description apply only to the upstream openssh
package and not the openssh
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.
Remediation
There is no fixed version for Debian:13
openssh
.
References
- https://security-tracker.debian.org/tracker/CVE-2019-6110
- https://www.exploit-db.com/exploits/46193/
- https://security.gentoo.org/glsa/201903-16
- https://cvsweb.openbsd.org/src/usr.bin/ssh/progressmeter.c
- https://cvsweb.openbsd.org/src/usr.bin/ssh/scp.c
- https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt
- https://security.netapp.com/advisory/ntap-20190213-0001/
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2019-6110
- https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
- https://www.exploit-db.com/exploits/46516
low severity
- Vulnerable module: binutils
- Introduced through: binutils@2.44-3, binutils/binutils-common@2.44-3 and others
Detailed paths
-
Introduced through: python@latest › binutils@2.44-3
-
Introduced through: python@latest › binutils/binutils-common@2.44-3
-
Introduced through: python@latest › binutils/binutils-x86-64-linux-gnu@2.44-3
-
Introduced through: python@latest › binutils/libbinutils@2.44-3
-
Introduced through: python@latest › binutils/libctf-nobfd0@2.44-3
-
Introduced through: python@latest › binutils/libctf0@2.44-3
-
Introduced through: python@latest › binutils/libgprofng0@2.44-3
-
Introduced through: python@latest › binutils/libsframe1@2.44-3
NVD Description
Note: Versions mentioned in the description apply only to the upstream binutils
package and not the binutils
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
A heap-based buffer over-read exists in the function d_expression_1 in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.1. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by c++filt.
Remediation
There is no fixed version for Debian:13
binutils
.
References
- https://security-tracker.debian.org/tracker/CVE-2018-20712
- https://support.f5.com/csp/article/K38336243
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20712
- https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88629
- https://sourceware.org/bugzilla/show_bug.cgi?id=24043
- http://www.securityfocus.com/bid/106563
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-20712
low severity
- Vulnerable module: binutils
- Introduced through: binutils@2.44-3, binutils/binutils-common@2.44-3 and others
Detailed paths
-
Introduced through: python@latest › binutils@2.44-3
-
Introduced through: python@latest › binutils/binutils-common@2.44-3
-
Introduced through: python@latest › binutils/binutils-x86-64-linux-gnu@2.44-3
-
Introduced through: python@latest › binutils/libbinutils@2.44-3
-
Introduced through: python@latest › binutils/libctf-nobfd0@2.44-3
-
Introduced through: python@latest › binutils/libctf0@2.44-3
-
Introduced through: python@latest › binutils/libgprofng0@2.44-3
-
Introduced through: python@latest › binutils/libsframe1@2.44-3
NVD Description
Note: Versions mentioned in the description apply only to the upstream binutils
package and not the binutils
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.36. It is a stack-overflow issue in demangle_type in rust-demangle.c.
Remediation
There is no fixed version for Debian:13
binutils
.
References
low severity
- Vulnerable module: cairo/libcairo-gobject2
- Introduced through: cairo/libcairo-gobject2@1.18.4-1+b1, cairo/libcairo-script-interpreter2@1.18.4-1+b1 and others
Detailed paths
-
Introduced through: python@latest › cairo/libcairo-gobject2@1.18.4-1+b1
-
Introduced through: python@latest › cairo/libcairo-script-interpreter2@1.18.4-1+b1
-
Introduced through: python@latest › cairo/libcairo2@1.18.4-1+b1
-
Introduced through: python@latest › cairo/libcairo2-dev@1.18.4-1+b1
NVD Description
Note: Versions mentioned in the description apply only to the upstream cairo
package and not the cairo
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
cairo through 1.15.14 has an out-of-bounds stack-memory write during processing of a crafted document by WebKitGTK+ because of the interaction between cairo-rectangular-scan-converter.c (the generate and render_rows functions) and cairo-image-compositor.c (the _cairo_image_spans_and_zero function).
Remediation
There is no fixed version for Debian:13
cairo
.
References
- https://security-tracker.debian.org/tracker/CVE-2018-18064
- https://gitlab.freedesktop.org/cairo/cairo/issues/341
- https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-18064
- https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E
low severity
- Vulnerable module: imagemagick
- Introduced through: imagemagick@8:7.1.1.43+dfsg1-1, imagemagick/imagemagick-7-common@8:7.1.1.43+dfsg1-1 and others
Detailed paths
-
Introduced through: python@latest › imagemagick@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/imagemagick-7-common@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/imagemagick-7.q16@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7-arch-config@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7-headers@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-10@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-10-extra@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7-headers@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7.q16-10@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7.q16-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-dev@8:7.1.1.43+dfsg1-1
NVD Description
Note: Versions mentioned in the description apply only to the upstream imagemagick
package and not the imagemagick
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an OpenPixelCache call.
Remediation
There is no fixed version for Debian:13
imagemagick
.
References
low severity
- Vulnerable module: imagemagick
- Introduced through: imagemagick@8:7.1.1.43+dfsg1-1, imagemagick/imagemagick-7-common@8:7.1.1.43+dfsg1-1 and others
Detailed paths
-
Introduced through: python@latest › imagemagick@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/imagemagick-7-common@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/imagemagick-7.q16@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7-arch-config@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7-headers@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-10@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-10-extra@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7-headers@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7.q16-10@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7.q16-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-dev@8:7.1.1.43+dfsg1-1
NVD Description
Note: Versions mentioned in the description apply only to the upstream imagemagick
package and not the imagemagick
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an AcquireSemaphoreInfo call.
Remediation
There is no fixed version for Debian:13
imagemagick
.
References
low severity
- Vulnerable module: imagemagick
- Introduced through: imagemagick@8:7.1.1.43+dfsg1-1, imagemagick/imagemagick-7-common@8:7.1.1.43+dfsg1-1 and others
Detailed paths
-
Introduced through: python@latest › imagemagick@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/imagemagick-7-common@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/imagemagick-7.q16@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7-arch-config@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7-headers@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-10@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-10-extra@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7-headers@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7.q16-10@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7.q16-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-dev@8:7.1.1.43+dfsg1-1
NVD Description
Note: Versions mentioned in the description apply only to the upstream imagemagick
package and not the imagemagick
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x36 0x4c 0x36 0x38 0x36 0x36 0x36 0x36 0x36 0x36 0x1f 0x35 0x50 0x00 can result in a hang of several minutes during which CPU and memory resources are consumed until ultimately an attempted large memory allocation fails. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.
Remediation
There is no fixed version for Debian:13
imagemagick
.
References
- https://security-tracker.debian.org/tracker/CVE-2018-15607
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15607
- https://github.com/ImageMagick/ImageMagick/issues/1255
- http://www.securityfocus.com/bid/105137
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-15607
- https://usn.ubuntu.com/4034-1/
low severity
- Vulnerable module: jbigkit/libjbig-dev
- Introduced through: jbigkit/libjbig-dev@2.1-6.1+b2 and jbigkit/libjbig0@2.1-6.1+b2
Detailed paths
-
Introduced through: python@latest › jbigkit/libjbig-dev@2.1-6.1+b2
-
Introduced through: python@latest › jbigkit/libjbig0@2.1-6.1+b2
NVD Description
Note: Versions mentioned in the description apply only to the upstream jbigkit
package and not the jbigkit
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
In LibTIFF 4.0.8, there is a memory malloc failure in tif_jbig.c. A crafted TIFF document can lead to an abort resulting in a remote denial of service attack.
Remediation
There is no fixed version for Debian:13
jbigkit
.
References
- https://security-tracker.debian.org/tracker/CVE-2017-9937
- http://bugzilla.maptools.org/show_bug.cgi?id=2707
- https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
- http://www.securityfocus.com/bid/99304
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-9937
- https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E
low severity
- Vulnerable module: openjpeg2/libopenjp2-7
- Introduced through: openjpeg2/libopenjp2-7@2.5.3-2 and openjpeg2/libopenjp2-7-dev@2.5.3-2
Detailed paths
-
Introduced through: python@latest › openjpeg2/libopenjp2-7@2.5.3-2
-
Introduced through: python@latest › openjpeg2/libopenjp2-7-dev@2.5.3-2
NVD Description
Note: Versions mentioned in the description apply only to the upstream openjpeg2
package and not the openjpeg2
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
An issue was discovered in OpenJPEG 2.3.0. It allows remote attackers to cause a denial of service (attempted excessive memory allocation) in opj_calloc in openjp2/opj_malloc.c, when called from opj_tcd_init_tile in openjp2/tcd.c, as demonstrated by the 64-bit opj_decompress.
Remediation
There is no fixed version for Debian:13
openjpeg2
.
References
low severity
- Vulnerable module: openjpeg2/libopenjp2-7
- Introduced through: openjpeg2/libopenjp2-7@2.5.3-2 and openjpeg2/libopenjp2-7-dev@2.5.3-2
Detailed paths
-
Introduced through: python@latest › openjpeg2/libopenjp2-7@2.5.3-2
-
Introduced through: python@latest › openjpeg2/libopenjp2-7-dev@2.5.3-2
NVD Description
Note: Versions mentioned in the description apply only to the upstream openjpeg2
package and not the openjpeg2
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
NULL pointer dereference vulnerabilities in the imagetopnm function in convert.c, sycc444_to_rgb function in color.c, color_esycc_to_rgb function in color.c, and sycc422_to_rgb function in color.c in OpenJPEG before 2.2.0 allow remote attackers to cause a denial of service (application crash) via crafted j2k files.
Remediation
There is no fixed version for Debian:13
openjpeg2
.
References
low severity
- Vulnerable module: openjpeg2/libopenjp2-7
- Introduced through: openjpeg2/libopenjp2-7@2.5.3-2 and openjpeg2/libopenjp2-7-dev@2.5.3-2
Detailed paths
-
Introduced through: python@latest › openjpeg2/libopenjp2-7@2.5.3-2
-
Introduced through: python@latest › openjpeg2/libopenjp2-7-dev@2.5.3-2
NVD Description
Note: Versions mentioned in the description apply only to the upstream openjpeg2
package and not the openjpeg2
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
NULL Pointer Access in function imagetopnm of convert.c:2226(jp2) in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.
Remediation
There is no fixed version for Debian:13
openjpeg2
.
References
low severity
- Vulnerable module: openjpeg2/libopenjp2-7
- Introduced through: openjpeg2/libopenjp2-7@2.5.3-2 and openjpeg2/libopenjp2-7-dev@2.5.3-2
Detailed paths
-
Introduced through: python@latest › openjpeg2/libopenjp2-7@2.5.3-2
-
Introduced through: python@latest › openjpeg2/libopenjp2-7-dev@2.5.3-2
NVD Description
Note: Versions mentioned in the description apply only to the upstream openjpeg2
package and not the openjpeg2
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
NULL Pointer Access in function imagetopnm of convert.c(jp2):1289 in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.
Remediation
There is no fixed version for Debian:13
openjpeg2
.
References
low severity
- Vulnerable module: openjpeg2/libopenjp2-7
- Introduced through: openjpeg2/libopenjp2-7@2.5.3-2 and openjpeg2/libopenjp2-7-dev@2.5.3-2
Detailed paths
-
Introduced through: python@latest › openjpeg2/libopenjp2-7@2.5.3-2
-
Introduced through: python@latest › openjpeg2/libopenjp2-7-dev@2.5.3-2
NVD Description
Note: Versions mentioned in the description apply only to the upstream openjpeg2
package and not the openjpeg2
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
Heap Buffer Over-read in function imagetotga of convert.c(jp2):942 in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.
Remediation
There is no fixed version for Debian:13
openjpeg2
.
References
low severity
- Vulnerable module: pixman/libpixman-1-0
- Introduced through: pixman/libpixman-1-0@0.44.0-3 and pixman/libpixman-1-dev@0.44.0-3
Detailed paths
-
Introduced through: python@latest › pixman/libpixman-1-0@0.44.0-3
-
Introduced through: python@latest › pixman/libpixman-1-dev@0.44.0-3
NVD Description
Note: Versions mentioned in the description apply only to the upstream pixman
package and not the pixman
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
stress-test master commit e4c878 was discovered to contain a FPE vulnerability via the component combine_inner at /pixman-combine-float.c.
Remediation
There is no fixed version for Debian:13
pixman
.
References
low severity
- Vulnerable module: tiff/libtiff-dev
- Introduced through: tiff/libtiff-dev@4.7.0-3, tiff/libtiff6@4.7.0-3 and others
Detailed paths
-
Introduced through: python@latest › tiff/libtiff-dev@4.7.0-3
-
Introduced through: python@latest › tiff/libtiff6@4.7.0-3
-
Introduced through: python@latest › tiff/libtiffxx6@4.7.0-3
NVD Description
Note: Versions mentioned in the description apply only to the upstream tiff
package and not the tiff
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
A vulnerability classified as problematic was found in LibTIFF 4.3.0. Affected by this vulnerability is the TIFF File Handler of tiff2ps. Opening a malicious file leads to a denial of service. The attack can be launched remotely but requires user interaction. The exploit has been disclosed to the public and may be used.
Remediation
There is no fixed version for Debian:13
tiff
.
References
- https://security-tracker.debian.org/tracker/CVE-2022-1210
- https://gitlab.com/libtiff/libtiff/-/issues/402
- https://gitlab.com/libtiff/libtiff/uploads/c3da94e53cf1e1e8e6d4d3780dc8c42f/example.tiff
- https://security.gentoo.org/glsa/202210-10
- https://security.netapp.com/advisory/ntap-20220513-0005/
- https://vuldb.com/?id.196363
low severity
- Vulnerable module: tiff/libtiff-dev
- Introduced through: tiff/libtiff-dev@4.7.0-3, tiff/libtiff6@4.7.0-3 and others
Detailed paths
-
Introduced through: python@latest › tiff/libtiff-dev@4.7.0-3
-
Introduced through: python@latest › tiff/libtiff6@4.7.0-3
-
Introduced through: python@latest › tiff/libtiffxx6@4.7.0-3
NVD Description
Note: Versions mentioned in the description apply only to the upstream tiff
package and not the tiff
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
ijg-libjpeg before 9d, as used in tiff2pdf (from LibTIFF) and other products, does not check for a NULL pointer at a certain place in jpeg_fdct_16x16 in jfdctint.c.
Remediation
There is no fixed version for Debian:13
tiff
.
References
- https://security-tracker.debian.org/tracker/CVE-2018-10126
- http://bugzilla.maptools.org/show_bug.cgi?id=2786
- https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-10126
- https://gitlab.com/libtiff/libtiff/-/issues/128
- https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E
low severity
- Vulnerable module: libwmf/libwmf-0.2-7
- Introduced through: libwmf/libwmf-0.2-7@0.2.13-1.1+b3, libwmf/libwmf-dev@0.2.13-1.1+b3 and others
Detailed paths
-
Introduced through: python@latest › libwmf/libwmf-0.2-7@0.2.13-1.1+b3
-
Introduced through: python@latest › libwmf/libwmf-dev@0.2.13-1.1+b3
-
Introduced through: python@latest › libwmf/libwmflite-0.2-7@0.2.13-1.1+b3
NVD Description
Note: Versions mentioned in the description apply only to the upstream libwmf
package and not the libwmf
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
Multiple integer overflows in libgd in PHP before 5.2.4 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large (1) srcW or (2) srcH value to the (a) gdImageCopyResized function, or a large (3) sy (height) or (4) sx (width) value to the (b) gdImageCreate or the (c) gdImageCreateTrueColor function.
Remediation
There is no fixed version for Debian:13
libwmf
.
References
- https://security-tracker.debian.org/tracker/CVE-2007-3996
- http://www.debian.org/security/2008/dsa-1613
- http://security.gentoo.org/glsa/glsa-200712-13.xml
- http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml
- http://bugs.gentoo.org/show_bug.cgi?id=201546
- http://securityreason.com/securityalert/3103
- http://secweb.se/en/advisories/php-imagecopyresized-integer-overflow/
- http://secweb.se/en/advisories/php-imagecreatetruecolor-integer-overflow/
- https://issues.rpath.com/browse/RPL-1693
- https://issues.rpath.com/browse/RPL-1702
- http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm
- https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00354.html
- http://www.php.net/ChangeLog-5.php#5.2.4
- http://www.php.net/releases/5_2_4.php
- http://www.trustix.org/errata/2007/0026/
- http://www.vupen.com/english/advisories/2007/3023
- http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11147
- http://rhn.redhat.com/errata/RHSA-2007-0889.html
- http://secunia.com/advisories/26642
- http://secunia.com/advisories/26822
- http://secunia.com/advisories/26838
- http://secunia.com/advisories/26871
- http://secunia.com/advisories/26895
- http://secunia.com/advisories/26930
- http://secunia.com/advisories/26967
- http://secunia.com/advisories/27102
- http://secunia.com/advisories/27351
- http://secunia.com/advisories/27377
- http://secunia.com/advisories/27545
- http://secunia.com/advisories/28009
- http://secunia.com/advisories/28147
- http://secunia.com/advisories/28658
- http://secunia.com/advisories/31168
- http://www.ubuntu.com/usn/usn-557-1
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36382
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36383
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:187
- http://www.redhat.com/support/errata/RHSA-2007-0888.html
- http://www.redhat.com/support/errata/RHSA-2007-0890.html
- http://www.redhat.com/support/errata/RHSA-2007-0891.html
low severity
- Vulnerable module: openssh/openssh-client
- Introduced through: openssh/openssh-client@1:10.0p1-7
Detailed paths
-
Introduced through: python@latest › openssh/openssh-client@1:10.0p1-7
NVD Description
Note: Versions mentioned in the description apply only to the upstream openssh
package and not the openssh
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
sshd in OpenSSH 4 on Debian GNU/Linux, and the 20070303 OpenSSH snapshot, allows remote authenticated users to obtain access to arbitrary SELinux roles by appending a :/ (colon slash) sequence, followed by the role name, to the username.
Remediation
There is no fixed version for Debian:13
openssh
.
References
low severity
- Vulnerable module: shadow/login.defs
- Introduced through: shadow/login.defs@1:4.17.4-2 and shadow/passwd@1:4.17.4-2
Detailed paths
-
Introduced through: python@latest › shadow/login.defs@1:4.17.4-2
-
Introduced through: python@latest › shadow/passwd@1:4.17.4-2
NVD Description
Note: Versions mentioned in the description apply only to the upstream shadow
package and not the shadow
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.
Remediation
There is no fixed version for Debian:13
shadow
.
References
- https://security-tracker.debian.org/tracker/CVE-2007-5686
- http://www.securityfocus.com/archive/1/482129/100/100/threaded
- http://www.securityfocus.com/archive/1/482857/100/0/threaded
- https://issues.rpath.com/browse/RPL-1825
- http://secunia.com/advisories/27215
- http://www.securityfocus.com/bid/26048
- http://www.vupen.com/english/advisories/2007/3474
low severity
- Vulnerable module: tiff/libtiff-dev
- Introduced through: tiff/libtiff-dev@4.7.0-3, tiff/libtiff6@4.7.0-3 and others
Detailed paths
-
Introduced through: python@latest › tiff/libtiff-dev@4.7.0-3
-
Introduced through: python@latest › tiff/libtiff6@4.7.0-3
-
Introduced through: python@latest › tiff/libtiffxx6@4.7.0-3
NVD Description
Note: Versions mentioned in the description apply only to the upstream tiff
package and not the tiff
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds read in the extractImageSection function in tools/tiffcrop.c, resulting in a denial of service and limited information disclosure. This issue affects libtiff versions 4.x.
Remediation
There is no fixed version for Debian:13
tiff
.
References
low severity
- Vulnerable module: wget
- Introduced through: wget@1.25.0-2
Detailed paths
-
Introduced through: python@latest › wget@1.25.0-2
NVD Description
Note: Versions mentioned in the description apply only to the upstream wget
package and not the wget
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
GNU Wget through 1.21.1 does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-2018-1000007.
Remediation
There is no fixed version for Debian:13
wget
.
References
low severity
- Vulnerable module: binutils
- Introduced through: binutils@2.44-3, binutils/binutils-common@2.44-3 and others
Detailed paths
-
Introduced through: python@latest › binutils@2.44-3
-
Introduced through: python@latest › binutils/binutils-common@2.44-3
-
Introduced through: python@latest › binutils/binutils-x86-64-linux-gnu@2.44-3
-
Introduced through: python@latest › binutils/libbinutils@2.44-3
-
Introduced through: python@latest › binutils/libctf-nobfd0@2.44-3
-
Introduced through: python@latest › binutils/libctf0@2.44-3
-
Introduced through: python@latest › binutils/libgprofng0@2.44-3
-
Introduced through: python@latest › binutils/libsframe1@2.44-3
NVD Description
Note: Versions mentioned in the description apply only to the upstream binutils
package and not the binutils
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
A vulnerability classified as problematic was found in GNU Binutils 2.43/2.44. Affected by this vulnerability is the function bfd_set_format of the file format.c. The manipulation leads to memory corruption. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. Upgrading to version 2.45 is able to address this issue. The identifier of the patch is 8d97c1a53f3dc9fd8e1ccdb039b8a33d50133150. It is recommended to upgrade the affected component.
Remediation
There is no fixed version for Debian:13
binutils
.
References
- https://security-tracker.debian.org/tracker/CVE-2025-1153
- https://sourceware.org/bugzilla/show_bug.cgi?id=32603
- https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=8d97c1a53f3dc9fd8e1ccdb039b8a33d50133150
- https://vuldb.com/?ctiid.295057
- https://vuldb.com/?id.295057
- https://vuldb.com/?submit.489991
- https://www.gnu.org/
- https://security.netapp.com/advisory/ntap-20250404-0005/
low severity
- Vulnerable module: openssh/openssh-client
- Introduced through: openssh/openssh-client@1:10.0p1-7
Detailed paths
-
Introduced through: python@latest › openssh/openssh-client@1:10.0p1-7
NVD Description
Note: Versions mentioned in the description apply only to the upstream openssh
package and not the openssh
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.
Remediation
There is no fixed version for Debian:13
openssh
.
References
- https://security-tracker.debian.org/tracker/CVE-2020-14145
- https://security.netapp.com/advisory/ntap-20200709-0004/
- https://security.gentoo.org/glsa/202105-35
- https://anongit.mindrot.org/openssh.git/commit/?id=b3855ff053f5078ec3d3c653cdaedefaa5fc362d
- https://docs.ssh-mitm.at/CVE-2020-14145.html
- https://github.com/openssh/openssh-portable/compare/V_8_3_P1...V_8_4_P1
- https://github.com/ssh-mitm/ssh-mitm/blob/master/ssh_proxy_server/plugins/session/cve202014145.py
- https://www.fzi.de/en/news/news/detail-en/artikel/fsa-2020-2-ausnutzung-eines-informationslecks-fuer-gezielte-mitm-angriffe-auf-ssh-clients/
- http://www.openwall.com/lists/oss-security/2020/12/02/1
low severity
- Vulnerable module: bluez/libbluetooth-dev
- Introduced through: bluez/libbluetooth-dev@5.82-1.1 and bluez/libbluetooth3@5.82-1.1
Detailed paths
-
Introduced through: python@latest › bluez/libbluetooth-dev@5.82-1.1
-
Introduced through: python@latest › bluez/libbluetooth3@5.82-1.1
NVD Description
Note: Versions mentioned in the description apply only to the upstream bluez
package and not the bluez
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
BlueZ Audio Profile AVRCP avrcp_parse_attribute_list Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious device.
The specific flaw exists within the handling of the AVRCP protocol. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-20852.
Remediation
There is no fixed version for Debian:13
bluez
.
References
low severity
- Vulnerable module: bluez/libbluetooth-dev
- Introduced through: bluez/libbluetooth-dev@5.82-1.1 and bluez/libbluetooth3@5.82-1.1
Detailed paths
-
Introduced through: python@latest › bluez/libbluetooth-dev@5.82-1.1
-
Introduced through: python@latest › bluez/libbluetooth3@5.82-1.1
NVD Description
Note: Versions mentioned in the description apply only to the upstream bluez
package and not the bluez
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
BlueZ Audio Profile AVRCP parse_media_element Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious device.
The specific flaw exists within the handling of the AVRCP protocol. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-20853.
Remediation
There is no fixed version for Debian:13
bluez
.
References
low severity
- Vulnerable module: bluez/libbluetooth-dev
- Introduced through: bluez/libbluetooth-dev@5.82-1.1 and bluez/libbluetooth3@5.82-1.1
Detailed paths
-
Introduced through: python@latest › bluez/libbluetooth-dev@5.82-1.1
-
Introduced through: python@latest › bluez/libbluetooth3@5.82-1.1
NVD Description
Note: Versions mentioned in the description apply only to the upstream bluez
package and not the bluez
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
BlueZ Audio Profile AVRCP parse_media_folder Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious device.
The specific flaw exists within the handling of the AVRCP protocol. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-20854.
Remediation
There is no fixed version for Debian:13
bluez
.
References
low severity
- Vulnerable module: bluez/libbluetooth-dev
- Introduced through: bluez/libbluetooth-dev@5.82-1.1 and bluez/libbluetooth3@5.82-1.1
Detailed paths
-
Introduced through: python@latest › bluez/libbluetooth-dev@5.82-1.1
-
Introduced through: python@latest › bluez/libbluetooth3@5.82-1.1
NVD Description
Note: Versions mentioned in the description apply only to the upstream bluez
package and not the bluez
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
BlueZ OBEX Library Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious Bluetooth device.
The specific flaw exists within the handling of OBEX protocol parameters. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-20937.
Remediation
There is no fixed version for Debian:13
bluez
.
References
low severity
- Vulnerable module: binutils
- Introduced through: binutils@2.44-3, binutils/binutils-common@2.44-3 and others
Detailed paths
-
Introduced through: python@latest › binutils@2.44-3
-
Introduced through: python@latest › binutils/binutils-common@2.44-3
-
Introduced through: python@latest › binutils/binutils-x86-64-linux-gnu@2.44-3
-
Introduced through: python@latest › binutils/libbinutils@2.44-3
-
Introduced through: python@latest › binutils/libctf-nobfd0@2.44-3
-
Introduced through: python@latest › binutils/libctf0@2.44-3
-
Introduced through: python@latest › binutils/libgprofng0@2.44-3
-
Introduced through: python@latest › binutils/libsframe1@2.44-3
NVD Description
Note: Versions mentioned in the description apply only to the upstream binutils
package and not the binutils
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
A vulnerability was found in GNU Binutils 2.43. It has been declared as problematic. Affected by this vulnerability is the function bfd_putl64 of the file libbfd.c of the component ld. The manipulation leads to memory corruption. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The identifier of the patch is 75086e9de1707281172cc77f178e7949a4414ed0. It is recommended to apply a patch to fix this issue.
Remediation
There is no fixed version for Debian:13
binutils
.
References
- https://security-tracker.debian.org/tracker/CVE-2025-1178
- https://sourceware.org/bugzilla/attachment.cgi?id=15914
- https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=75086e9de1707281172cc77f178e7949a4414ed0
- https://vuldb.com/?ctiid.295081
- https://vuldb.com/?id.295081
- https://vuldb.com/?submit.495369
- https://www.gnu.org/
- https://security.netapp.com/advisory/ntap-20250411-0008/
- https://sourceware.org/bugzilla/show_bug.cgi?id=32638
low severity
- Vulnerable module: binutils
- Introduced through: binutils@2.44-3, binutils/binutils-common@2.44-3 and others
Detailed paths
-
Introduced through: python@latest › binutils@2.44-3
-
Introduced through: python@latest › binutils/binutils-common@2.44-3
-
Introduced through: python@latest › binutils/binutils-x86-64-linux-gnu@2.44-3
-
Introduced through: python@latest › binutils/libbinutils@2.44-3
-
Introduced through: python@latest › binutils/libctf-nobfd0@2.44-3
-
Introduced through: python@latest › binutils/libctf0@2.44-3
-
Introduced through: python@latest › binutils/libgprofng0@2.44-3
-
Introduced through: python@latest › binutils/libsframe1@2.44-3
NVD Description
Note: Versions mentioned in the description apply only to the upstream binutils
package and not the binutils
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted file, as demonstrated by a call from the Binary File Descriptor (BFD) library (aka libbfd).
Remediation
There is no fixed version for Debian:13
binutils
.
References
low severity
- Vulnerable module: binutils
- Introduced through: binutils@2.44-3, binutils/binutils-common@2.44-3 and others
Detailed paths
-
Introduced through: python@latest › binutils@2.44-3
-
Introduced through: python@latest › binutils/binutils-common@2.44-3
-
Introduced through: python@latest › binutils/binutils-x86-64-linux-gnu@2.44-3
-
Introduced through: python@latest › binutils/libbinutils@2.44-3
-
Introduced through: python@latest › binutils/libctf-nobfd0@2.44-3
-
Introduced through: python@latest › binutils/libctf0@2.44-3
-
Introduced through: python@latest › binutils/libgprofng0@2.44-3
-
Introduced through: python@latest › binutils/libsframe1@2.44-3
NVD Description
Note: Versions mentioned in the description apply only to the upstream binutils
package and not the binutils
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
A vulnerability has been found in GNU Binutils 2.43/2.44 and classified as problematic. Affected by this vulnerability is the function display_info of the file binutils/bucomm.c of the component objdump. The manipulation leads to memory leak. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The patch is named ba6ad3a18cb26b79e0e3b84c39f707535bbc344d. It is recommended to apply a patch to fix this issue.
Remediation
There is no fixed version for Debian:13
binutils
.
References
- https://security-tracker.debian.org/tracker/CVE-2025-3198
- https://sourceware.org/bugzilla/show_bug.cgi?id=32716#c0
- https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ba6ad3a18cb26b79e0e3b84c39f707535bbc344d
- https://vuldb.com/?ctiid.303151
- https://vuldb.com/?id.303151
- https://vuldb.com/?submit.545773
- https://www.gnu.org/
- https://sourceware.org/bugzilla/show_bug.cgi?id=32716
low severity
- Vulnerable module: binutils
- Introduced through: binutils@2.44-3, binutils/binutils-common@2.44-3 and others
Detailed paths
-
Introduced through: python@latest › binutils@2.44-3
-
Introduced through: python@latest › binutils/binutils-common@2.44-3
-
Introduced through: python@latest › binutils/binutils-x86-64-linux-gnu@2.44-3
-
Introduced through: python@latest › binutils/libbinutils@2.44-3
-
Introduced through: python@latest › binutils/libctf-nobfd0@2.44-3
-
Introduced through: python@latest › binutils/libctf0@2.44-3
-
Introduced through: python@latest › binutils/libgprofng0@2.44-3
-
Introduced through: python@latest › binutils/libsframe1@2.44-3
NVD Description
Note: Versions mentioned in the description apply only to the upstream binutils
package and not the binutils
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, contains an integer overflow vulnerability (for "Create an array for saving the template argument values") that can trigger a heap-based buffer overflow, as demonstrated by nm.
Remediation
There is no fixed version for Debian:13
binutils
.
References
low severity
- Vulnerable module: binutils
- Introduced through: binutils@2.44-3, binutils/binutils-common@2.44-3 and others
Detailed paths
-
Introduced through: python@latest › binutils@2.44-3
-
Introduced through: python@latest › binutils/binutils-common@2.44-3
-
Introduced through: python@latest › binutils/binutils-x86-64-linux-gnu@2.44-3
-
Introduced through: python@latest › binutils/libbinutils@2.44-3
-
Introduced through: python@latest › binutils/libctf-nobfd0@2.44-3
-
Introduced through: python@latest › binutils/libctf0@2.44-3
-
Introduced through: python@latest › binutils/libgprofng0@2.44-3
-
Introduced through: python@latest › binutils/libsframe1@2.44-3
NVD Description
Note: Versions mentioned in the description apply only to the upstream binutils
package and not the binutils
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_template_value_parm, demangle_integral_value, and demangle_expression.
Remediation
There is no fixed version for Debian:13
binutils
.
References
low severity
- Vulnerable module: cairo/libcairo-gobject2
- Introduced through: cairo/libcairo-gobject2@1.18.4-1+b1, cairo/libcairo-script-interpreter2@1.18.4-1+b1 and others
Detailed paths
-
Introduced through: python@latest › cairo/libcairo-gobject2@1.18.4-1+b1
-
Introduced through: python@latest › cairo/libcairo-script-interpreter2@1.18.4-1+b1
-
Introduced through: python@latest › cairo/libcairo2@1.18.4-1+b1
-
Introduced through: python@latest › cairo/libcairo2-dev@1.18.4-1+b1
NVD Description
Note: Versions mentioned in the description apply only to the upstream cairo
package and not the cairo
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
Cairo version 1.15.4 is vulnerable to a NULL pointer dereference related to the FT_Load_Glyph and FT_Render_Glyph resulting in an application crash.
Remediation
There is no fixed version for Debian:13
cairo
.
References
- https://security-tracker.debian.org/tracker/CVE-2017-7475
- https://bugs.freedesktop.org/show_bug.cgi?id=100763
- https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
- http://seclists.org/oss-sec/2017/q2/151
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7475
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-7475
- https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E
low severity
- Vulnerable module: imagemagick
- Introduced through: imagemagick@8:7.1.1.43+dfsg1-1, imagemagick/imagemagick-7-common@8:7.1.1.43+dfsg1-1 and others
Detailed paths
-
Introduced through: python@latest › imagemagick@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/imagemagick-7-common@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/imagemagick-7.q16@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7-arch-config@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7-headers@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-10@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-10-extra@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7-headers@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7.q16-10@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7.q16-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-dev@8:7.1.1.43+dfsg1-1
NVD Description
Note: Versions mentioned in the description apply only to the upstream imagemagick
package and not the imagemagick
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
A design flaw in image processing software that modifies JPEG images might not modify the original EXIF thumbnail, which could lead to an information leak of potentially sensitive visual information that had been removed from the main JPEG image.
Remediation
There is no fixed version for Debian:13
imagemagick
.
References
low severity
- Vulnerable module: imagemagick
- Introduced through: imagemagick@8:7.1.1.43+dfsg1-1, imagemagick/imagemagick-7-common@8:7.1.1.43+dfsg1-1 and others
Detailed paths
-
Introduced through: python@latest › imagemagick@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/imagemagick-7-common@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/imagemagick-7.q16@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7-arch-config@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7-headers@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-10@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-10-extra@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7-headers@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7.q16-10@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7.q16-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-dev@8:7.1.1.43+dfsg1-1
NVD Description
Note: Versions mentioned in the description apply only to the upstream imagemagick
package and not the imagemagick
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allows remote attackers to cause a denial of service (attempted large memory allocation and application crash) via a crafted file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862 and CVE-2016-8866.
Remediation
There is no fixed version for Debian:13
imagemagick
.
References
- https://security-tracker.debian.org/tracker/CVE-2017-7275
- https://github.com/ImageMagick/ImageMagick/issues/271
- https://blogs.gentoo.org/ago/2017/03/27/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c-incomplete-fix-for-cve-2016-8862-and-cve-2016-8866/
- http://www.securityfocus.com/bid/97166
low severity
- Vulnerable module: imagemagick
- Introduced through: imagemagick@8:7.1.1.43+dfsg1-1, imagemagick/imagemagick-7-common@8:7.1.1.43+dfsg1-1 and others
Detailed paths
-
Introduced through: python@latest › imagemagick@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/imagemagick-7-common@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/imagemagick-7.q16@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7-arch-config@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7-headers@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-10@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-10-extra@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7-headers@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7.q16-10@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7.q16-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-dev@8:7.1.1.43+dfsg1-1
NVD Description
Note: Versions mentioned in the description apply only to the upstream imagemagick
package and not the imagemagick
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
The IsPixelMonochrome function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.0 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted file. NOTE: the vendor says "This is a Q64 issue and we do not support Q64."
Remediation
There is no fixed version for Debian:13
imagemagick
.
References
- https://security-tracker.debian.org/tracker/CVE-2016-8678
- https://github.com/ImageMagick/ImageMagick/issues/272
- http://www.openwall.com/lists/oss-security/2016/10/16/2
- http://www.openwall.com/lists/oss-security/2016/12/08/18
- https://bugzilla.redhat.com/show_bug.cgi?id=1385694
- http://www.securityfocus.com/bid/93599
low severity
- Vulnerable module: libpng1.6/libpng-dev
- Introduced through: libpng1.6/libpng-dev@1.6.48-1 and libpng1.6/libpng16-16t64@1.6.48-1
Detailed paths
-
Introduced through: python@latest › libpng1.6/libpng-dev@1.6.48-1
-
Introduced through: python@latest › libpng1.6/libpng16-16t64@1.6.48-1
NVD Description
Note: Versions mentioned in the description apply only to the upstream libpng1.6
package and not the libpng1.6
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
A heap overflow flaw was found in libpngs' pngimage.c program. This flaw allows an attacker with local network access to pass a specially crafted PNG file to the pngimage utility, causing an application to crash, leading to a denial of service.
Remediation
There is no fixed version for Debian:13
libpng1.6
.
References
low severity
- Vulnerable module: libraw/libraw23t64
- Introduced through: libraw/libraw23t64@0.21.4-2
Detailed paths
-
Introduced through: python@latest › libraw/libraw23t64@0.21.4-2
NVD Description
Note: Versions mentioned in the description apply only to the upstream libraw
package and not the libraw
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
libraw 20.0 has a null pointer dereference vulnerability in parse_tiff_ifd in src/metadata/tiff.cpp, which may result in context-dependent arbitrary code execution. Note: this vulnerability occurs only if you compile the software in a certain way
Remediation
There is no fixed version for Debian:13
libraw
.
References
- https://security-tracker.debian.org/tracker/CVE-2020-24890
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EWHUZCRMGOC3QS6C65KWBM6ZJM25V6HI/
- https://security.gentoo.org/glsa/202010-05
- https://github.com/LibRaw/LibRaw/issues/335
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EWHUZCRMGOC3QS6C65KWBM6ZJM25V6HI/
low severity
new
- Vulnerable module: openexr/libopenexr-3-1-30
- Introduced through: openexr/libopenexr-3-1-30@3.1.13-2 and openexr/libopenexr-dev@3.1.13-2
Detailed paths
-
Introduced through: python@latest › openexr/libopenexr-3-1-30@3.1.13-2
-
Introduced through: python@latest › openexr/libopenexr-dev@3.1.13-2
NVD Description
Note: Versions mentioned in the description apply only to the upstream openexr
package and not the openexr
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In version 3.3.2, applications trust unvalidated dataWindow size values from file headers, which can lead to excessive memory allocation and performance degradation when processing malicious files. This is fixed in version 3.3.3.
Remediation
There is no fixed version for Debian:13
openexr
.
References
low severity
- Vulnerable module: openexr/libopenexr-3-1-30
- Introduced through: openexr/libopenexr-3-1-30@3.1.13-2 and openexr/libopenexr-dev@3.1.13-2
Detailed paths
-
Introduced through: python@latest › openexr/libopenexr-3-1-30@3.1.13-2
-
Introduced through: python@latest › openexr/libopenexr-dev@3.1.13-2
NVD Description
Note: Versions mentioned in the description apply only to the upstream openexr
package and not the openexr
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
Header::readfrom in IlmImf/ImfHeader.cpp in OpenEXR 2.2.0 allows remote attackers to cause a denial of service (excessive memory allocation) via a crafted file that is accessed with the ImfOpenInputFile function in IlmImf/ImfCRgbaFile.cpp. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid
Remediation
There is no fixed version for Debian:13
openexr
.
References
low severity
- Vulnerable module: patch
- Introduced through: patch@2.8-2
Detailed paths
-
Introduced through: python@latest › patch@2.8-2
NVD Description
Note: Versions mentioned in the description apply only to the upstream patch
package and not the patch
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
An Invalid Pointer vulnerability exists in GNU patch 2.7 via the another_hunk function, which causes a Denial of Service.
Remediation
There is no fixed version for Debian:13
patch
.
References
low severity
- Vulnerable module: tiff/libtiff-dev
- Introduced through: tiff/libtiff-dev@4.7.0-3, tiff/libtiff6@4.7.0-3 and others
Detailed paths
-
Introduced through: python@latest › tiff/libtiff-dev@4.7.0-3
-
Introduced through: python@latest › tiff/libtiff6@4.7.0-3
-
Introduced through: python@latest › tiff/libtiffxx6@4.7.0-3
NVD Description
Note: Versions mentioned in the description apply only to the upstream tiff
package and not the tiff
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
A heap-buffer-overflow vulnerability was found in LibTIFF, in extractImageSection() at tools/tiffcrop.c:7916 and tools/tiffcrop.c:7801. This flaw allows attackers to cause a denial of service via a crafted tiff file.
Remediation
There is no fixed version for Debian:13
tiff
.
References
- https://security-tracker.debian.org/tracker/CVE-2023-3164
- https://access.redhat.com/security/cve/CVE-2023-4156
- https://bugzilla.redhat.com/show_bug.cgi?id=2215930
- https://access.redhat.com/security/cve/CVE-2023-3164
- https://bugzilla.redhat.com/show_bug.cgi?id=2213531
- https://gitlab.com/libtiff/libtiff/-/issues/542
low severity
- Vulnerable module: util-linux
- Introduced through: util-linux@2.41-5, util-linux/bsdutils@1:2.41-5 and others
Detailed paths
-
Introduced through: python@latest › util-linux@2.41-5
-
Introduced through: python@latest › util-linux/bsdutils@1:2.41-5
-
Introduced through: python@latest › util-linux/libblkid-dev@2.41-5
-
Introduced through: python@latest › util-linux/libblkid1@2.41-5
-
Introduced through: python@latest › util-linux/liblastlog2-2@2.41-5
-
Introduced through: python@latest › util-linux/libmount-dev@2.41-5
-
Introduced through: python@latest › util-linux/libmount1@2.41-5
-
Introduced through: python@latest › util-linux/libsmartcols1@2.41-5
-
Introduced through: python@latest › util-linux/libuuid1@2.41-5
-
Introduced through: python@latest › util-linux/login@1:4.16.0-2+really2.41-5
-
Introduced through: python@latest › util-linux/mount@2.41-5
-
Introduced through: python@latest › util-linux/uuid-dev@2.41-5
NVD Description
Note: Versions mentioned in the description apply only to the upstream util-linux
package and not the util-linux
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.
Remediation
There is no fixed version for Debian:13
util-linux
.
References
- https://security-tracker.debian.org/tracker/CVE-2022-0563
- https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u
- https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w%40ws.net.home/T/#u
- https://security.gentoo.org/glsa/202401-08
- https://security.netapp.com/advisory/ntap-20220331-0002/
low severity
- Vulnerable module: patch
- Introduced through: patch@2.8-2
Detailed paths
-
Introduced through: python@latest › patch@2.8-2
NVD Description
Note: Versions mentioned in the description apply only to the upstream patch
package and not the patch
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
Directory traversal vulnerability in util.c in GNU patch 2.6.1 and earlier allows user-assisted remote attackers to create or overwrite arbitrary files via a filename that is specified with a .. (dot dot) or full pathname, a related issue to CVE-2010-1679.
Remediation
There is no fixed version for Debian:13
patch
.
References
- https://security-tracker.debian.org/tracker/CVE-2010-4651
- http://support.apple.com/kb/HT4723
- http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html
- http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055241.html
- http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055246.html
- http://git.savannah.gnu.org/cgit/patch.git/commit/?id=685a78b6052f4df6eac6d625a545cfb54a6ac0e1
- http://lists.gnu.org/archive/html/bug-patch/2010-12/msg00000.html
- http://www.vupen.com/english/advisories/2011/0600
- http://openwall.com/lists/oss-security/2011/01/05/10
- http://openwall.com/lists/oss-security/2011/01/06/19
- http://openwall.com/lists/oss-security/2011/01/06/20
- http://openwall.com/lists/oss-security/2011/01/06/21
- https://bugzilla.redhat.com/show_bug.cgi?id=667529
- http://secunia.com/advisories/43663
- http://secunia.com/advisories/43677
- http://www.securityfocus.com/bid/46768
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2010-4651
low severity
- Vulnerable module: binutils
- Introduced through: binutils@2.44-3, binutils/binutils-common@2.44-3 and others
Detailed paths
-
Introduced through: python@latest › binutils@2.44-3
-
Introduced through: python@latest › binutils/binutils-common@2.44-3
-
Introduced through: python@latest › binutils/binutils-x86-64-linux-gnu@2.44-3
-
Introduced through: python@latest › binutils/libbinutils@2.44-3
-
Introduced through: python@latest › binutils/libctf-nobfd0@2.44-3
-
Introduced through: python@latest › binutils/libctf0@2.44-3
-
Introduced through: python@latest › binutils/libgprofng0@2.44-3
-
Introduced through: python@latest › binutils/libsframe1@2.44-3
NVD Description
Note: Versions mentioned in the description apply only to the upstream binutils
package and not the binutils
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
A vulnerability was found in GNU Binutils up to 2.44. It has been rated as critical. Affected by this issue is the function elf_gc_sweep of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to version 2.45 is able to address this issue. It is recommended to upgrade the affected component.
Remediation
There is no fixed version for Debian:13
binutils
.
References
- https://security-tracker.debian.org/tracker/CVE-2025-5244
- https://sourceware.org/bugzilla/attachment.cgi?id=16010
- https://sourceware.org/bugzilla/show_bug.cgi?id=32858
- https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=d1458933830456e54223d9fc61f0d9b3a19256f5
- https://vuldb.com/?ctiid.310346
- https://vuldb.com/?id.310346
- https://vuldb.com/?submit.584634
- https://www.gnu.org/
low severity
- Vulnerable module: binutils
- Introduced through: binutils@2.44-3, binutils/binutils-common@2.44-3 and others
Detailed paths
-
Introduced through: python@latest › binutils@2.44-3
-
Introduced through: python@latest › binutils/binutils-common@2.44-3
-
Introduced through: python@latest › binutils/binutils-x86-64-linux-gnu@2.44-3
-
Introduced through: python@latest › binutils/libbinutils@2.44-3
-
Introduced through: python@latest › binutils/libctf-nobfd0@2.44-3
-
Introduced through: python@latest › binutils/libctf0@2.44-3
-
Introduced through: python@latest › binutils/libgprofng0@2.44-3
-
Introduced through: python@latest › binutils/libsframe1@2.44-3
NVD Description
Note: Versions mentioned in the description apply only to the upstream binutils
package and not the binutils
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
A vulnerability classified as critical has been found in GNU Binutils up to 2.44. This affects the function debug_type_samep of the file /binutils/debug.c of the component objdump. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue.
Remediation
There is no fixed version for Debian:13
binutils
.
References
- https://security-tracker.debian.org/tracker/CVE-2025-5245
- https://sourceware.org/bugzilla/attachment.cgi?id=16004
- https://sourceware.org/bugzilla/show_bug.cgi?id=32829
- https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=6c3458a8b7ee7d39f070c7b2350851cb2110c65a
- https://vuldb.com/?ctiid.310347
- https://vuldb.com/?id.310347
- https://vuldb.com/?submit.584635
- https://www.gnu.org/
low severity
- Vulnerable module: binutils
- Introduced through: binutils@2.44-3, binutils/binutils-common@2.44-3 and others
Detailed paths
-
Introduced through: python@latest › binutils@2.44-3
-
Introduced through: python@latest › binutils/binutils-common@2.44-3
-
Introduced through: python@latest › binutils/binutils-x86-64-linux-gnu@2.44-3
-
Introduced through: python@latest › binutils/libbinutils@2.44-3
-
Introduced through: python@latest › binutils/libctf-nobfd0@2.44-3
-
Introduced through: python@latest › binutils/libctf0@2.44-3
-
Introduced through: python@latest › binutils/libgprofng0@2.44-3
-
Introduced through: python@latest › binutils/libsframe1@2.44-3
NVD Description
Note: Versions mentioned in the description apply only to the upstream binutils
package and not the binutils
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
A vulnerability has been found in GNU Binutils 2.43 and classified as problematic. Affected by this vulnerability is the function __sanitizer::internal_strlen of the file binutils/nm.c of the component nm. The manipulation of the argument const leads to buffer overflow. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used.
Remediation
There is no fixed version for Debian:13
binutils
.
References
- https://security-tracker.debian.org/tracker/CVE-2025-1147
- https://sourceware.org/bugzilla/attachment.cgi?id=15881
- https://sourceware.org/bugzilla/show_bug.cgi?id=32556
- https://vuldb.com/?ctiid.295051
- https://vuldb.com/?id.295051
- https://www.gnu.org/
- https://security.netapp.com/advisory/ntap-20250404-0003/
- https://vuldb.com/?submit.485254
low severity
- Vulnerable module: bluez/libbluetooth-dev
- Introduced through: bluez/libbluetooth-dev@5.82-1.1 and bluez/libbluetooth3@5.82-1.1
Detailed paths
-
Introduced through: python@latest › bluez/libbluetooth-dev@5.82-1.1
-
Introduced through: python@latest › bluez/libbluetooth3@5.82-1.1
NVD Description
Note: Versions mentioned in the description apply only to the upstream bluez
package and not the bluez
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
In BlueZ 5.42, a buffer overflow was observed in "commands_dump" function in "tools/parser/csr.c" source file. The issue exists because "commands" array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame "frm->ptr" parameter. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.
Remediation
There is no fixed version for Debian:13
bluez
.
References
low severity
- Vulnerable module: bluez/libbluetooth-dev
- Introduced through: bluez/libbluetooth-dev@5.82-1.1 and bluez/libbluetooth3@5.82-1.1
Detailed paths
-
Introduced through: python@latest › bluez/libbluetooth-dev@5.82-1.1
-
Introduced through: python@latest › bluez/libbluetooth3@5.82-1.1
NVD Description
Note: Versions mentioned in the description apply only to the upstream bluez
package and not the bluez
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
In BlueZ 5.42, a buffer overflow was observed in "pklg_read_hci" function in "btsnoop.c" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.
Remediation
There is no fixed version for Debian:13
bluez
.
References
low severity
- Vulnerable module: bluez/libbluetooth-dev
- Introduced through: bluez/libbluetooth-dev@5.82-1.1 and bluez/libbluetooth3@5.82-1.1
Detailed paths
-
Introduced through: python@latest › bluez/libbluetooth-dev@5.82-1.1
-
Introduced through: python@latest › bluez/libbluetooth3@5.82-1.1
NVD Description
Note: Versions mentioned in the description apply only to the upstream bluez
package and not the bluez
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
In BlueZ 5.42, a buffer over-read was observed in "l2cap_dump" function in "tools/parser/l2cap.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.
Remediation
There is no fixed version for Debian:13
bluez
.
References
low severity
- Vulnerable module: bluez/libbluetooth-dev
- Introduced through: bluez/libbluetooth-dev@5.82-1.1 and bluez/libbluetooth3@5.82-1.1
Detailed paths
-
Introduced through: python@latest › bluez/libbluetooth-dev@5.82-1.1
-
Introduced through: python@latest › bluez/libbluetooth3@5.82-1.1
NVD Description
Note: Versions mentioned in the description apply only to the upstream bluez
package and not the bluez
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
In BlueZ 5.42, a buffer over-read was identified in "l2cap_packet" function in "monitor/packet.c" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.
Remediation
There is no fixed version for Debian:13
bluez
.
References
low severity
- Vulnerable module: bluez/libbluetooth-dev
- Introduced through: bluez/libbluetooth-dev@5.82-1.1 and bluez/libbluetooth3@5.82-1.1
Detailed paths
-
Introduced through: python@latest › bluez/libbluetooth-dev@5.82-1.1
-
Introduced through: python@latest › bluez/libbluetooth3@5.82-1.1
NVD Description
Note: Versions mentioned in the description apply only to the upstream bluez
package and not the bluez
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
In BlueZ 5.42, a buffer overflow was observed in "pin_code_reply_dump" function in "tools/parser/hci.c" source file. The issue exists because "pin" array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame "pin_code_reply_cp *cp" parameter.
Remediation
There is no fixed version for Debian:13
bluez
.
References
low severity
- Vulnerable module: bluez/libbluetooth-dev
- Introduced through: bluez/libbluetooth-dev@5.82-1.1 and bluez/libbluetooth3@5.82-1.1
Detailed paths
-
Introduced through: python@latest › bluez/libbluetooth-dev@5.82-1.1
-
Introduced through: python@latest › bluez/libbluetooth3@5.82-1.1
NVD Description
Note: Versions mentioned in the description apply only to the upstream bluez
package and not the bluez
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
In BlueZ 5.42, a buffer overflow was observed in "set_ext_ctrl" function in "tools/parser/l2cap.c" source file when processing corrupted dump file.
Remediation
There is no fixed version for Debian:13
bluez
.
References
low severity
- Vulnerable module: bluez/libbluetooth-dev
- Introduced through: bluez/libbluetooth-dev@5.82-1.1 and bluez/libbluetooth3@5.82-1.1
Detailed paths
-
Introduced through: python@latest › bluez/libbluetooth-dev@5.82-1.1
-
Introduced through: python@latest › bluez/libbluetooth3@5.82-1.1
NVD Description
Note: Versions mentioned in the description apply only to the upstream bluez
package and not the bluez
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
In BlueZ 5.42, an out-of-bounds read was observed in "le_meta_ev_dump" function in "tools/parser/hci.c" source file. This issue exists because 'subevent' (which is used to read correct element from 'ev_le_meta_str' array) is overflowed.
Remediation
There is no fixed version for Debian:13
bluez
.
References
low severity
- Vulnerable module: bluez/libbluetooth-dev
- Introduced through: bluez/libbluetooth-dev@5.82-1.1 and bluez/libbluetooth3@5.82-1.1
Detailed paths
-
Introduced through: python@latest › bluez/libbluetooth-dev@5.82-1.1
-
Introduced through: python@latest › bluez/libbluetooth3@5.82-1.1
NVD Description
Note: Versions mentioned in the description apply only to the upstream bluez
package and not the bluez
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
In BlueZ 5.42, a use-after-free was identified in "conf_opt" function in "tools/parser/l2cap.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.
Remediation
There is no fixed version for Debian:13
bluez
.
References
- https://security-tracker.debian.org/tracker/CVE-2016-9798
- https://www.spinics.net/lists/linux-bluetooth/msg68892.html
- http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00069.html
- http://www.securityfocus.com/bid/94652
- http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00071.html
- http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00072.html
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-9798
low severity
- Vulnerable module: elfutils/libelf1t64
- Introduced through: elfutils/libelf1t64@0.192-4
Detailed paths
-
Introduced through: python@latest › elfutils/libelf1t64@0.192-4
NVD Description
Note: Versions mentioned in the description apply only to the upstream elfutils
package and not the elfutils
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
A vulnerability was found in GNU elfutils 0.192. It has been declared as critical. Affected by this vulnerability is the function dump_data_section/print_string_section of the file readelf.c of the component eu-readelf. The manipulation of the argument z/x leads to buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of the patch is 73db9d2021cab9e23fd734b0a76a612d52a6f1db. It is recommended to apply a patch to fix this issue.
Remediation
There is no fixed version for Debian:13
elfutils
.
References
- https://security-tracker.debian.org/tracker/CVE-2025-1372
- https://sourceware.org/bugzilla/attachment.cgi?id=15927
- https://sourceware.org/bugzilla/show_bug.cgi?id=32656
- https://sourceware.org/bugzilla/show_bug.cgi?id=32656#c3
- https://sourceware.org/bugzilla/show_bug.cgi?id=32657
- https://vuldb.com/?ctiid.295981
- https://vuldb.com/?id.295981
- https://vuldb.com/?submit.496485
- https://www.gnu.org/
low severity
- Vulnerable module: elfutils/libelf1t64
- Introduced through: elfutils/libelf1t64@0.192-4
Detailed paths
-
Introduced through: python@latest › elfutils/libelf1t64@0.192-4
NVD Description
Note: Versions mentioned in the description apply only to the upstream elfutils
package and not the elfutils
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
A vulnerability, which was classified as critical, was found in GNU elfutils 0.192. This affects the function process_symtab of the file readelf.c of the component eu-readelf. The manipulation of the argument D/a leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier of the patch is 5e5c0394d82c53e97750fe7b18023e6f84157b81. It is recommended to apply a patch to fix this issue.
Remediation
There is no fixed version for Debian:13
elfutils
.
References
- https://security-tracker.debian.org/tracker/CVE-2025-1365
- https://sourceware.org/bugzilla/attachment.cgi?id=15925
- https://sourceware.org/bugzilla/show_bug.cgi?id=32654
- https://sourceware.org/bugzilla/show_bug.cgi?id=32654#c2
- https://vuldb.com/?ctiid.295977
- https://vuldb.com/?id.295977
- https://vuldb.com/?submit.496483
- https://www.gnu.org/
low severity
- Vulnerable module: glib2.0/gir1.2-glib-2.0
- Introduced through: glib2.0/gir1.2-glib-2.0@2.84.3-1, glib2.0/gir1.2-glib-2.0-dev@2.84.3-1 and others
Detailed paths
-
Introduced through: python@latest › glib2.0/gir1.2-glib-2.0@2.84.3-1
-
Introduced through: python@latest › glib2.0/gir1.2-glib-2.0-dev@2.84.3-1
-
Introduced through: python@latest › glib2.0/girepository-tools@2.84.3-1
-
Introduced through: python@latest › glib2.0/libgio-2.0-dev@2.84.3-1
-
Introduced through: python@latest › glib2.0/libgio-2.0-dev-bin@2.84.3-1
-
Introduced through: python@latest › glib2.0/libgirepository-2.0-0@2.84.3-1
-
Introduced through: python@latest › glib2.0/libglib2.0-0t64@2.84.3-1
-
Introduced through: python@latest › glib2.0/libglib2.0-bin@2.84.3-1
-
Introduced through: python@latest › glib2.0/libglib2.0-data@2.84.3-1
-
Introduced through: python@latest › glib2.0/libglib2.0-dev@2.84.3-1
-
Introduced through: python@latest › glib2.0/libglib2.0-dev-bin@2.84.3-1
NVD Description
Note: Versions mentioned in the description apply only to the upstream glib2.0
package and not the glib2.0
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
GLib 2.31.8 and earlier, when the g_str_hash function is used, computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table. NOTE: this issue may be disputed by the vendor; the existence of the g_str_hash function is not a vulnerability in the library, because callers of g_hash_table_new and g_hash_table_new_full can specify an arbitrary hash function that is appropriate for the application.
Remediation
There is no fixed version for Debian:13
glib2.0
.
References
low severity
- Vulnerable module: glibc/libc-bin
- Introduced through: glibc/libc-bin@2.41-12, glibc/libc-dev-bin@2.41-12 and others
Detailed paths
-
Introduced through: python@latest › glibc/libc-bin@2.41-12
-
Introduced through: python@latest › glibc/libc-dev-bin@2.41-12
-
Introduced through: python@latest › glibc/libc6@2.41-12
-
Introduced through: python@latest › glibc/libc6-dev@2.41-12
NVD Description
Note: Versions mentioned in the description apply only to the upstream glibc
package and not the glibc
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat.
Remediation
There is no fixed version for Debian:13
glibc
.
References
- https://security-tracker.debian.org/tracker/CVE-2019-1010024
- https://support.f5.com/csp/article/K06046097
- https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS
- https://sourceware.org/bugzilla/show_bug.cgi?id=22852
- http://www.securityfocus.com/bid/109162
- https://ubuntu.com/security/CVE-2019-1010024
- https://support.f5.com/csp/article/K06046097?utm_source=f5support&%3Butm_medium=RSS
low severity
- Vulnerable module: glibc/libc-bin
- Introduced through: glibc/libc-bin@2.41-12, glibc/libc-dev-bin@2.41-12 and others
Detailed paths
-
Introduced through: python@latest › glibc/libc-bin@2.41-12
-
Introduced through: python@latest › glibc/libc-dev-bin@2.41-12
-
Introduced through: python@latest › glibc/libc6@2.41-12
-
Introduced through: python@latest › glibc/libc6-dev@2.41-12
NVD Description
Note: Versions mentioned in the description apply only to the upstream glibc
package and not the glibc
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability.
Remediation
There is no fixed version for Debian:13
glibc
.
References
- https://security-tracker.debian.org/tracker/CVE-2019-1010025
- https://support.f5.com/csp/article/K06046097
- https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS
- https://sourceware.org/bugzilla/show_bug.cgi?id=22853
- https://ubuntu.com/security/CVE-2019-1010025
- https://support.f5.com/csp/article/K06046097?utm_source=f5support&%3Butm_medium=RSS
low severity
new
- Vulnerable module: imagemagick
- Introduced through: imagemagick@8:7.1.1.43+dfsg1-1, imagemagick/imagemagick-7-common@8:7.1.1.43+dfsg1-1 and others
Detailed paths
-
Introduced through: python@latest › imagemagick@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/imagemagick-7-common@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/imagemagick-7.q16@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7-arch-config@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7-headers@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-10@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-10-extra@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7-headers@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7.q16-10@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7.q16-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-dev@8:7.1.1.43+dfsg1-1
NVD Description
Note: Versions mentioned in the description apply only to the upstream imagemagick
package and not the imagemagick
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1.2-1, there is undefined behavior (function-type-mismatch) in splay tree cloning callback. This results in a deterministic abort under UBSan (DoS in sanitizer builds), with no crash in a non-sanitized build. This issue has been patched in versions 6.9.13-27 and 7.1.2-1.
Remediation
There is no fixed version for Debian:13
imagemagick
.
References
low severity
- Vulnerable module: imagemagick
- Introduced through: imagemagick@8:7.1.1.43+dfsg1-1, imagemagick/imagemagick-7-common@8:7.1.1.43+dfsg1-1 and others
Detailed paths
-
Introduced through: python@latest › imagemagick@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/imagemagick-7-common@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/imagemagick-7.q16@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7-arch-config@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7-headers@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-10@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-10-extra@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7-headers@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7.q16-10@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7.q16-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-dev@8:7.1.1.43+dfsg1-1
NVD Description
Note: Versions mentioned in the description apply only to the upstream imagemagick
package and not the imagemagick
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
Multiple unspecified vulnerabilities in GraphicsMagick before 1.2.4 allow remote attackers to cause a denial of service (crash, infinite loop, or memory consumption) via (a) unspecified vectors in the (1) AVI, (2) AVS, (3) DCM, (4) EPT, (5) FITS, (6) MTV, (7) PALM, (8) RLA, and (9) TGA decoder readers; and (b) the GetImageCharacteristics function in magick/image.c, as reachable from a crafted (10) PNG, (11) JPEG, (12) BMP, or (13) TIFF file.
Remediation
There is no fixed version for Debian:13
imagemagick
.
References
- https://security-tracker.debian.org/tracker/CVE-2008-3134
- http://sourceforge.net/forum/forum.php?forum_id=841176
- http://sourceforge.net/project/shownotes.php?release_id=610253
- http://www.vupen.com/english/advisories/2008/1984/references
- http://xforce.iss.net/xforce/xfdb/43511
- http://xforce.iss.net/xforce/xfdb/43513
- http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00004.html
- http://secunia.com/advisories/30879
- http://secunia.com/advisories/32151
- http://www.securityfocus.com/bid/30055
- http://www.securitytracker.com/id?1020413
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43511
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43513
low severity
- Vulnerable module: libwmf/libwmf-0.2-7
- Introduced through: libwmf/libwmf-0.2-7@0.2.13-1.1+b3, libwmf/libwmf-dev@0.2.13-1.1+b3 and others
Detailed paths
-
Introduced through: python@latest › libwmf/libwmf-0.2-7@0.2.13-1.1+b3
-
Introduced through: python@latest › libwmf/libwmf-dev@0.2.13-1.1+b3
-
Introduced through: python@latest › libwmf/libwmflite-0.2-7@0.2.13-1.1+b3
NVD Description
Note: Versions mentioned in the description apply only to the upstream libwmf
package and not the libwmf
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
The (a) imagearc and (b) imagefilledarc functions in GD Graphics Library (libgd) before 2.0.35 allow attackers to cause a denial of service (CPU consumption) via a large (1) start or (2) end angle degree value.
Remediation
There is no fixed version for Debian:13
libwmf
.
References
- https://security-tracker.debian.org/tracker/CVE-2007-3477
- http://www.securityfocus.com/archive/1/478796/100/0/threaded
- ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/gd-2.0.35-i486-1_slack11.0.tgz
- http://bugs.libgd.org/?do=details&task_id=74
- http://bugs.libgd.org/?do=details&task_id=92
- https://issues.rpath.com/browse/RPL-1643
- http://www.debian.org/security/2008/dsa-1613
- http://fedoranews.org/updates/FEDORA-2007-205.shtml
- http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00311.html
- http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052848.html
- http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052854.html
- http://security.gentoo.org/glsa/glsa-200708-05.xml
- http://security.gentoo.org/glsa/glsa-200711-34.xml
- http://security.gentoo.org/glsa/glsa-200805-13.xml
- http://www.libgd.org/ReleaseNote020035
- http://osvdb.org/42062
- https://bugzilla.redhat.com/show_bug.cgi?id=277421
- http://secunia.com/advisories/25860
- http://secunia.com/advisories/26272
- http://secunia.com/advisories/26390
- http://secunia.com/advisories/26415
- http://secunia.com/advisories/26467
- http://secunia.com/advisories/26663
- http://secunia.com/advisories/26766
- http://secunia.com/advisories/26856
- http://secunia.com/advisories/30168
- http://secunia.com/advisories/31168
- http://secunia.com/advisories/42813
- http://www.securityfocus.com/bid/24651
- http://www.novell.com/linux/security/advisories/2007_15_sr.html
- http://www.trustix.org/errata/2007/0024/
- http://www.vupen.com/english/advisories/2011/0022
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:153
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:164
low severity
- Vulnerable module: libxslt/libxslt1-dev
- Introduced through: libxslt/libxslt1-dev@1.1.35-1.2 and libxslt/libxslt1.1@1.1.35-1.2
Detailed paths
-
Introduced through: python@latest › libxslt/libxslt1-dev@1.1.35-1.2
-
Introduced through: python@latest › libxslt/libxslt1.1@1.1.35-1.2
NVD Description
Note: Versions mentioned in the description apply only to the upstream libxslt
package and not the libxslt
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
In libxslt 1.1.29 and earlier, the EXSLT math.random function was not initialized with a random seed during startup, which could cause usage of this function to produce predictable outputs.
Remediation
There is no fixed version for Debian:13
libxslt
.
References
low severity
- Vulnerable module: openssh/openssh-client
- Introduced through: openssh/openssh-client@1:10.0p1-7
Detailed paths
-
Introduced through: python@latest › openssh/openssh-client@1:10.0p1-7
NVD Description
Note: Versions mentioned in the description apply only to the upstream openssh
package and not the openssh
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE: the vendor does not recognize user enumeration as a vulnerability for this product
Remediation
There is no fixed version for Debian:13
openssh
.
References
- https://security-tracker.debian.org/tracker/CVE-2016-20012
- https://security.netapp.com/advisory/ntap-20211014-0005/
- https://github.com/openssh/openssh-portable/blob/d0fffc88c8fe90c1815c6f4097bc8cbcabc0f3dd/auth2-pubkey.c#L261-L265
- https://github.com/openssh/openssh-portable/pull/270
- https://rushter.com/blog/public-ssh-keys/
- https://utcc.utoronto.ca/~cks/space/blog/tech/SSHKeysAreInfoLeak
- https://github.com/openssh/openssh-portable/pull/270#issuecomment-920577097
- https://github.com/openssh/openssh-portable/pull/270#issuecomment-943909185
- https://www.openwall.com/lists/oss-security/2018/08/24/1
low severity
- Vulnerable module: openssh/openssh-client
- Introduced through: openssh/openssh-client@1:10.0p1-7
Detailed paths
-
Introduced through: python@latest › openssh/openssh-client@1:10.0p1-7
NVD Description
Note: Versions mentioned in the description apply only to the upstream openssh
package and not the openssh
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
OpenSSH 4.6 and earlier, when ChallengeResponseAuthentication is enabled, allows remote attackers to determine the existence of user accounts by attempting to authenticate via S/KEY, which displays a different response if the user account exists, a similar issue to CVE-2001-1483.
Remediation
There is no fixed version for Debian:13
openssh
.
References
- https://security-tracker.debian.org/tracker/CVE-2007-2243
- https://security.netapp.com/advisory/ntap-20191107-0003/
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-April/053906.html
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-April/053951.html
- http://securityreason.com/securityalert/2631
- http://www.securityfocus.com/bid/23601
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33794
- http://www.osvdb.org/34600
low severity
- Vulnerable module: openssh/openssh-client
- Introduced through: openssh/openssh-client@1:10.0p1-7
Detailed paths
-
Introduced through: python@latest › openssh/openssh-client@1:10.0p1-7
NVD Description
Note: Versions mentioned in the description apply only to the upstream openssh
package and not the openssh
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.'
Remediation
There is no fixed version for Debian:13
openssh
.
References
low severity
- Vulnerable module: systemd/libsystemd0
- Introduced through: systemd/libsystemd0@257.7-1 and systemd/libudev1@257.7-1
Detailed paths
-
Introduced through: python@latest › systemd/libsystemd0@257.7-1
-
Introduced through: python@latest › systemd/libudev1@257.7-1
NVD Description
Note: Versions mentioned in the description apply only to the upstream systemd
package and not the systemd
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."
Remediation
There is no fixed version for Debian:13
systemd
.
References
low severity
- Vulnerable module: systemd/libsystemd0
- Introduced through: systemd/libsystemd0@257.7-1 and systemd/libudev1@257.7-1
Detailed paths
-
Introduced through: python@latest › systemd/libsystemd0@257.7-1
-
Introduced through: python@latest › systemd/libudev1@257.7-1
NVD Description
Note: Versions mentioned in the description apply only to the upstream systemd
package and not the systemd
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
An issue was discovered in systemd 253. An attacker can truncate a sealed log file and then resume log sealing such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."
Remediation
There is no fixed version for Debian:13
systemd
.
References
low severity
- Vulnerable module: systemd/libsystemd0
- Introduced through: systemd/libsystemd0@257.7-1 and systemd/libudev1@257.7-1
Detailed paths
-
Introduced through: python@latest › systemd/libsystemd0@257.7-1
-
Introduced through: python@latest › systemd/libudev1@257.7-1
NVD Description
Note: Versions mentioned in the description apply only to the upstream systemd
package and not the systemd
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
An issue was discovered in systemd 253. An attacker can modify a sealed log file such that, in some views, not all existing and sealed log messages are displayed. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."
Remediation
There is no fixed version for Debian:13
systemd
.
References
low severity
- Vulnerable module: tiff/libtiff-dev
- Introduced through: tiff/libtiff-dev@4.7.0-3, tiff/libtiff6@4.7.0-3 and others
Detailed paths
-
Introduced through: python@latest › tiff/libtiff-dev@4.7.0-3
-
Introduced through: python@latest › tiff/libtiff6@4.7.0-3
-
Introduced through: python@latest › tiff/libtiffxx6@4.7.0-3
NVD Description
Note: Versions mentioned in the description apply only to the upstream tiff
package and not the tiff
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as critical. This vulnerability affects the function get_histogram of the file tools/tiffmedian.c. The manipulation leads to use after free. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The patch is identified as fe10872e53efba9cc36c66ac4ab3b41a839d5172. It is recommended to apply a patch to fix this issue.
Remediation
There is no fixed version for Debian:13
tiff
.
References
- https://security-tracker.debian.org/tracker/CVE-2025-8176
- http://www.libtiff.org/
- https://gitlab.com/libtiff/libtiff/-/commit/fe10872e53efba9cc36c66ac4ab3b41a839d5172
- https://gitlab.com/libtiff/libtiff/-/issues/707
- https://gitlab.com/libtiff/libtiff/-/merge_requests/727
- https://vuldb.com/?ctiid.317590
- https://vuldb.com/?id.317590
- https://vuldb.com/?submit.621796
low severity
- Vulnerable module: tiff/libtiff-dev
- Introduced through: tiff/libtiff-dev@4.7.0-3, tiff/libtiff6@4.7.0-3 and others
Detailed paths
-
Introduced through: python@latest › tiff/libtiff-dev@4.7.0-3
-
Introduced through: python@latest › tiff/libtiff6@4.7.0-3
-
Introduced through: python@latest › tiff/libtiffxx6@4.7.0-3
NVD Description
Note: Versions mentioned in the description apply only to the upstream tiff
package and not the tiff
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
A vulnerability was found in LibTIFF up to 4.7.0. It has been rated as critical. This issue affects the function setrow of the file tools/thumbnail.c. The manipulation leads to buffer overflow. An attack has to be approached locally. The patch is named e8c9d6c616b19438695fd829e58ae4fde5bfbc22. It is recommended to apply a patch to fix this issue. This vulnerability only affects products that are no longer supported by the maintainer.
Remediation
There is no fixed version for Debian:13
tiff
.
References
- https://security-tracker.debian.org/tracker/CVE-2025-8177
- http://www.libtiff.org/
- https://gitlab.com/libtiff/libtiff/-/commit/e8c9d6c616b19438695fd829e58ae4fde5bfbc22
- https://gitlab.com/libtiff/libtiff/-/merge_requests/737
- https://vuldb.com/?ctiid.317591
- https://vuldb.com/?id.317591
- https://gitlab.com/libtiff/libtiff/-/issues/715
- https://vuldb.com/?submit.621797
low severity
- Vulnerable module: binutils
- Introduced through: binutils@2.44-3, binutils/binutils-common@2.44-3 and others
Detailed paths
-
Introduced through: python@latest › binutils@2.44-3
-
Introduced through: python@latest › binutils/binutils-common@2.44-3
-
Introduced through: python@latest › binutils/binutils-x86-64-linux-gnu@2.44-3
-
Introduced through: python@latest › binutils/libbinutils@2.44-3
-
Introduced through: python@latest › binutils/libctf-nobfd0@2.44-3
-
Introduced through: python@latest › binutils/libctf0@2.44-3
-
Introduced through: python@latest › binutils/libgprofng0@2.44-3
-
Introduced through: python@latest › binutils/libsframe1@2.44-3
NVD Description
Note: Versions mentioned in the description apply only to the upstream binutils
package and not the binutils
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
A vulnerability was found in GNU Binutils 2.43 and classified as critical. This issue affects the function _bfd_elf_gc_mark_rsec of the file elflink.c of the component ld. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The patch is named f9978defb6fab0bd8583942d97c112b0932ac814. It is recommended to apply a patch to fix this issue.
Remediation
There is no fixed version for Debian:13
binutils
.
References
- https://security-tracker.debian.org/tracker/CVE-2025-1176
- https://sourceware.org/bugzilla/attachment.cgi?id=15913
- https://sourceware.org/bugzilla/show_bug.cgi?id=32636
- https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=f9978defb6fab0bd8583942d97c112b0932ac814
- https://vuldb.com/?ctiid.295079
- https://vuldb.com/?id.295079
- https://vuldb.com/?submit.495329
- https://www.gnu.org/
- https://security.netapp.com/advisory/ntap-20250411-0007/
low severity
- Vulnerable module: binutils
- Introduced through: binutils@2.44-3, binutils/binutils-common@2.44-3 and others
Detailed paths
-
Introduced through: python@latest › binutils@2.44-3
-
Introduced through: python@latest › binutils/binutils-common@2.44-3
-
Introduced through: python@latest › binutils/binutils-x86-64-linux-gnu@2.44-3
-
Introduced through: python@latest › binutils/libbinutils@2.44-3
-
Introduced through: python@latest › binutils/libctf-nobfd0@2.44-3
-
Introduced through: python@latest › binutils/libctf0@2.44-3
-
Introduced through: python@latest › binutils/libgprofng0@2.44-3
-
Introduced through: python@latest › binutils/libsframe1@2.44-3
NVD Description
Note: Versions mentioned in the description apply only to the upstream binutils
package and not the binutils
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
A vulnerability classified as critical was found in GNU Binutils 2.43. This vulnerability affects the function _bfd_elf_gc_mark_rsec of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The name of the patch is 931494c9a89558acb36a03a340c01726545eef24. It is recommended to apply a patch to fix this issue.
Remediation
There is no fixed version for Debian:13
binutils
.
References
- https://security-tracker.debian.org/tracker/CVE-2025-1181
- https://sourceware.org/bugzilla/attachment.cgi?id=15918
- https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=931494c9a89558acb36a03a340c01726545eef24
- https://vuldb.com/?ctiid.295084
- https://vuldb.com/?id.295084
- https://www.gnu.org/
- https://security.netapp.com/advisory/ntap-20250425-0007/
- https://sourceware.org/bugzilla/show_bug.cgi?id=32643
- https://vuldb.com/?submit.495402
low severity
- Vulnerable module: binutils
- Introduced through: binutils@2.44-3, binutils/binutils-common@2.44-3 and others
Detailed paths
-
Introduced through: python@latest › binutils@2.44-3
-
Introduced through: python@latest › binutils/binutils-common@2.44-3
-
Introduced through: python@latest › binutils/binutils-x86-64-linux-gnu@2.44-3
-
Introduced through: python@latest › binutils/libbinutils@2.44-3
-
Introduced through: python@latest › binutils/libctf-nobfd0@2.44-3
-
Introduced through: python@latest › binutils/libctf0@2.44-3
-
Introduced through: python@latest › binutils/libgprofng0@2.44-3
-
Introduced through: python@latest › binutils/libsframe1@2.44-3
NVD Description
Note: Versions mentioned in the description apply only to the upstream binutils
package and not the binutils
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
A vulnerability, which was classified as critical, was found in GNU Binutils 2.43. Affected is the function bfd_elf_reloc_symbol_deleted_p of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The patch is identified as b425859021d17adf62f06fb904797cf8642986ad. It is recommended to apply a patch to fix this issue.
Remediation
There is no fixed version for Debian:13
binutils
.
References
- https://security-tracker.debian.org/tracker/CVE-2025-1182
- https://sourceware.org/bugzilla/attachment.cgi?id=15919
- https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=b425859021d17adf62f06fb904797cf8642986ad
- https://vuldb.com/?ctiid.295086
- https://vuldb.com/?id.295086
- https://www.gnu.org/
- https://sourceware.org/bugzilla/show_bug.cgi?id=32644
- https://vuldb.com/?submit.495407
low severity
- Vulnerable module: elfutils/libelf1t64
- Introduced through: elfutils/libelf1t64@0.192-4
Detailed paths
-
Introduced through: python@latest › elfutils/libelf1t64@0.192-4
NVD Description
Note: Versions mentioned in the description apply only to the upstream elfutils
package and not the elfutils
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
A vulnerability has been found in GNU elfutils 0.192 and classified as critical. This vulnerability affects the function __libdw_thread_tail in the library libdw_alloc.c of the component eu-readelf. The manipulation of the argument w leads to memory corruption. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The name of the patch is 2636426a091bd6c6f7f02e49ab20d4cdc6bfc753. It is recommended to apply a patch to fix this issue.
Remediation
There is no fixed version for Debian:13
elfutils
.
References
- https://security-tracker.debian.org/tracker/CVE-2025-1352
- https://sourceware.org/bugzilla/attachment.cgi?id=15923
- https://sourceware.org/bugzilla/show_bug.cgi?id=32650
- https://sourceware.org/bugzilla/show_bug.cgi?id=32650#c2
- https://vuldb.com/?ctiid.295960
- https://vuldb.com/?id.295960
- https://vuldb.com/?submit.495965
- https://www.gnu.org/
low severity
- Vulnerable module: git
- Introduced through: git@1:2.47.2-0.2 and git/git-man@1:2.47.2-0.2
Detailed paths
-
Introduced through: python@latest › git@1:2.47.2-0.2
-
Introduced through: python@latest › git/git-man@1:2.47.2-0.2
NVD Description
Note: Versions mentioned in the description apply only to the upstream git
package and not the git
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
GIT version 2.15.1 and earlier contains a Input Validation Error vulnerability in Client that can result in problems including messing up terminal configuration to RCE. This attack appear to be exploitable via The user must interact with a malicious git server, (or have their traffic modified in a MITM attack).
Remediation
There is no fixed version for Debian:13
git
.
References
low severity
- Vulnerable module: coreutils
- Introduced through: coreutils@9.7-3
Detailed paths
-
Introduced through: python@latest › coreutils@9.7-3
NVD Description
Note: Versions mentioned in the description apply only to the upstream coreutils
package and not the coreutils
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.
Remediation
There is no fixed version for Debian:13
coreutils
.
References
low severity
- Vulnerable module: openldap/libldap-dev
- Introduced through: openldap/libldap-dev@2.6.10+dfsg-1 and openldap/libldap2@2.6.10+dfsg-1
Detailed paths
-
Introduced through: python@latest › openldap/libldap-dev@2.6.10+dfsg-1
-
Introduced through: python@latest › openldap/libldap2@2.6.10+dfsg-1
NVD Description
Note: Versions mentioned in the description apply only to the upstream openldap
package and not the openldap
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
slapd in OpenLDAP 2.4.45 and earlier creates a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill cat /pathname
" command, as demonstrated by openldap-initscript.
Remediation
There is no fixed version for Debian:13
openldap
.
References
low severity
- Vulnerable module: coreutils
- Introduced through: coreutils@9.7-3
Detailed paths
-
Introduced through: python@latest › coreutils@9.7-3
NVD Description
Note: Versions mentioned in the description apply only to the upstream coreutils
package and not the coreutils
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
A flaw was found in GNU Coreutils. The sort utility's begfield() function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash or leak sensitive data.
Remediation
There is no fixed version for Debian:13
coreutils
.
References
- https://security-tracker.debian.org/tracker/CVE-2025-5278
- https://access.redhat.com/security/cve/CVE-2025-5278
- https://bugzilla.redhat.com/show_bug.cgi?id=2368764
- http://www.openwall.com/lists/oss-security/2025/05/27/2
- http://www.openwall.com/lists/oss-security/2025/05/29/1
- https://cgit.git.savannah.gnu.org/cgit/coreutils.git/commit/?id=8c9602e3a145e9596dc1a63c6ed67865814b6633
- https://cgit.git.savannah.gnu.org/cgit/coreutils.git/tree/NEWS?id=8c9602e3a145e9596dc1a63c6ed67865814b6633#n14
- http://www.openwall.com/lists/oss-security/2025/05/29/2
low severity
- Vulnerable module: systemd/libsystemd0
- Introduced through: systemd/libsystemd0@257.7-1 and systemd/libudev1@257.7-1
Detailed paths
-
Introduced through: python@latest › systemd/libsystemd0@257.7-1
-
Introduced through: python@latest › systemd/libudev1@257.7-1
NVD Description
Note: Versions mentioned in the description apply only to the upstream systemd
package and not the systemd
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.
Remediation
There is no fixed version for Debian:13
systemd
.
References
low severity
- Vulnerable module: glibc/libc-bin
- Introduced through: glibc/libc-bin@2.41-12, glibc/libc-dev-bin@2.41-12 and others
Detailed paths
-
Introduced through: python@latest › glibc/libc-bin@2.41-12
-
Introduced through: python@latest › glibc/libc-dev-bin@2.41-12
-
Introduced through: python@latest › glibc/libc6@2.41-12
-
Introduced through: python@latest › glibc/libc6-dev@2.41-12
NVD Description
Note: Versions mentioned in the description apply only to the upstream glibc
package and not the glibc
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.
Remediation
There is no fixed version for Debian:13
glibc
.
References
low severity
- Vulnerable module: gnutls28/libgnutls-dane0t64
- Introduced through: gnutls28/libgnutls-dane0t64@3.8.9-3, gnutls28/libgnutls-openssl27t64@3.8.9-3 and others
Detailed paths
-
Introduced through: python@latest › gnutls28/libgnutls-dane0t64@3.8.9-3
-
Introduced through: python@latest › gnutls28/libgnutls-openssl27t64@3.8.9-3
-
Introduced through: python@latest › gnutls28/libgnutls28-dev@3.8.9-3
-
Introduced through: python@latest › gnutls28/libgnutls30t64@3.8.9-3
NVD Description
Note: Versions mentioned in the description apply only to the upstream gnutls28
package and not the gnutls28
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack.
Remediation
There is no fixed version for Debian:13
gnutls28
.
References
- https://security-tracker.debian.org/tracker/CVE-2011-3389
- http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html
- http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html
- http://support.apple.com/kb/HT4999
- http://support.apple.com/kb/HT5001
- http://support.apple.com/kb/HT5130
- http://support.apple.com/kb/HT5281
- http://support.apple.com/kb/HT5501
- http://support.apple.com/kb/HT6150
- http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html
- http://lists.apple.com/archives/security-announce/2012/Jul/msg00001.html
- http://lists.apple.com/archives/security-announce/2012/May/msg00001.html
- http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html
- http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html
- http://www.us-cert.gov/cas/techalerts/TA12-010A.html
- http://www.kb.cert.org/vuls/id/864643
- http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html
- http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications/
- http://blogs.technet.com/b/msrc/archive/2011/09/26/microsoft-releases-security-advisory-2588513.aspx
- http://blogs.technet.com/b/srd/archive/2011/09/26/is-ssl-broken-more-about-security-advisory-2588513.aspx
- http://curl.haxx.se/docs/adv_20120124B.html
- http://downloads.asterisk.org/pub/security/AST-2016-001.html
- http://my.opera.com/securitygroup/blog/2011/09/28/the-beast-ssl-tls-issue
- https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_fetchmail
- https://bugzilla.novell.com/show_bug.cgi?id=719047
- https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf
- http://technet.microsoft.com/security/advisory/2588513
- http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf
- http://www.ibm.com/developerworks/java/jdk/alerts/
- http://www.imperialviolet.org/2011/09/23/chromeandbeast.html
- http://www.opera.com/docs/changelogs/mac/1151/
- http://www.opera.com/docs/changelogs/mac/1160/
- http://www.opera.com/docs/changelogs/unix/1151/
- http://www.opera.com/docs/changelogs/unix/1160/
- http://www.opera.com/docs/changelogs/windows/1151/
- http://www.opera.com/docs/changelogs/windows/1160/
- http://www.opera.com/support/kb/view/1004/
- http://www.debian.org/security/2012/dsa-2398
- http://security.gentoo.org/glsa/glsa-201203-02.xml
- http://security.gentoo.org/glsa/glsa-201406-32.xml
- https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862
- http://marc.info/?l=bugtraq&m=132750579901589&w=2
- http://marc.info/?l=bugtraq&m=132872385320240&w=2
- http://marc.info/?l=bugtraq&m=133365109612558&w=2
- http://marc.info/?l=bugtraq&m=133728004526190&w=2
- http://marc.info/?l=bugtraq&m=134254866602253&w=2
- http://marc.info/?l=bugtraq&m=134254957702612&w=2
- http://ekoparty.org/2011/juliano-rizzo.php
- http://eprint.iacr.org/2004/111
- http://eprint.iacr.org/2006/136
- http://isc.sans.edu/diary/SSL+TLS+part+3+/11635
- https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02
- http://vnhacker.blogspot.com/2011/09/beast.html
- http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html
- http://www.insecure.cl/Beast-SSL.rar
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-006
- http://technet.microsoft.com/security/bulletin/MS12-006
- http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html
- http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html
- http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html
- http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
- http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
- http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html
- http://osvdb.org/74829
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14752
- https://bugzilla.redhat.com/show_bug.cgi?id=737506
- http://rhn.redhat.com/errata/RHSA-2012-0508.html
- http://rhn.redhat.com/errata/RHSA-2013-1455.html
- http://secunia.com/advisories/45791
- http://secunia.com/advisories/47998
- http://secunia.com/advisories/48256
- http://secunia.com/advisories/48692
- http://secunia.com/advisories/48915
- http://secunia.com/advisories/48948
- http://secunia.com/advisories/49198
- http://secunia.com/advisories/55322
- http://secunia.com/advisories/55350
- http://secunia.com/advisories/55351
- http://www.securityfocus.com/bid/49388
- http://www.securityfocus.com/bid/49778
- http://www.securitytracker.com/id?1025997
- http://www.securitytracker.com/id?1026103
- http://www.securitytracker.com/id?1026704
- http://www.securitytracker.com/id/1029190
- http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html
- https://hermes.opensuse.org/messages/13154861
- https://hermes.opensuse.org/messages/13155432
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2011-3389
- http://www.ubuntu.com/usn/USN-1263-1
- http://www.mandriva.com/security/advisories?name=MDVSA-2012:058
- http://www.redhat.com/support/errata/RHSA-2011-1384.html
- http://www.redhat.com/support/errata/RHSA-2012-0006.html
- https://github.com/mpgn/BEAST-PoC
low severity
- Vulnerable module: libwmf/libwmf-0.2-7
- Introduced through: libwmf/libwmf-0.2-7@0.2.13-1.1+b3, libwmf/libwmf-dev@0.2.13-1.1+b3 and others
Detailed paths
-
Introduced through: python@latest › libwmf/libwmf-0.2-7@0.2.13-1.1+b3
-
Introduced through: python@latest › libwmf/libwmf-dev@0.2.13-1.1+b3
-
Introduced through: python@latest › libwmf/libwmflite-0.2-7@0.2.13-1.1+b3
NVD Description
Note: Versions mentioned in the description apply only to the upstream libwmf
package and not the libwmf
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
Array index error in gd_gif_in.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash and heap corruption) via large color index values in crafted image data, which results in a segmentation fault.
Remediation
There is no fixed version for Debian:13
libwmf
.
References
- https://security-tracker.debian.org/tracker/CVE-2007-3476
- http://www.securityfocus.com/archive/1/478796/100/0/threaded
- ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/gd-2.0.35-i486-1_slack11.0.tgz
- http://bugs.libgd.org/?do=details&task_id=87
- https://issues.rpath.com/browse/RPL-1643
- http://www.debian.org/security/2008/dsa-1613
- http://fedoranews.org/updates/FEDORA-2007-205.shtml
- http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00311.html
- http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052848.html
- http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052854.html
- http://security.gentoo.org/glsa/glsa-200708-05.xml
- http://security.gentoo.org/glsa/glsa-200711-34.xml
- http://security.gentoo.org/glsa/glsa-200805-13.xml
- http://www.libgd.org/ReleaseNote020035
- http://osvdb.org/37741
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10348
- https://bugzilla.redhat.com/show_bug.cgi?id=277421
- http://secunia.com/advisories/25860
- http://secunia.com/advisories/26272
- http://secunia.com/advisories/26390
- http://secunia.com/advisories/26415
- http://secunia.com/advisories/26467
- http://secunia.com/advisories/26663
- http://secunia.com/advisories/26766
- http://secunia.com/advisories/26856
- http://secunia.com/advisories/29157
- http://secunia.com/advisories/30168
- http://secunia.com/advisories/31168
- http://secunia.com/advisories/42813
- http://www.securityfocus.com/bid/24651
- http://www.novell.com/linux/security/advisories/2007_15_sr.html
- http://www.trustix.org/errata/2007/0024/
- http://www.vupen.com/english/advisories/2011/0022
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:153
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:164
- http://www.redhat.com/support/errata/RHSA-2008-0146.html
low severity
- Vulnerable module: openssh/openssh-client
- Introduced through: openssh/openssh-client@1:10.0p1-7
Detailed paths
-
Introduced through: python@latest › openssh/openssh-client@1:10.0p1-7
NVD Description
Note: Versions mentioned in the description apply only to the upstream openssh
package and not the openssh
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issue to CVE-2007-2243.
Remediation
There is no fixed version for Debian:13
openssh
.
References
low severity
- Vulnerable module: sqlite3/libsqlite3-0
- Introduced through: sqlite3/libsqlite3-0@3.46.1-7 and sqlite3/libsqlite3-dev@3.46.1-7
Detailed paths
-
Introduced through: python@latest › sqlite3/libsqlite3-0@3.46.1-7
-
Introduced through: python@latest › sqlite3/libsqlite3-dev@3.46.1-7
NVD Description
Note: Versions mentioned in the description apply only to the upstream sqlite3
package and not the sqlite3
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
A Memory Leak vulnerability exists in SQLite Project SQLite3 3.35.1 and 3.37.0 via maliciously crafted SQL Queries (made via editing the Database File), it is possible to query a record, and leak subsequent bytes of memory that extend beyond the record, which could let a malicious user obtain sensitive information. NOTE: The developer disputes this as a vulnerability stating that If you give SQLite a corrupted database file and submit a query against the database, it might read parts of the database that you did not intend or expect.
Remediation
There is no fixed version for Debian:13
sqlite3
.
References
- https://security-tracker.debian.org/tracker/CVE-2021-45346
- https://github.com/guyinatuxedo/sqlite3_record_leaking
- https://security.netapp.com/advisory/ntap-20220303-0001/
- https://sqlite.org/forum/forumpost/056d557c2f8c452ed5
- https://sqlite.org/forum/forumpost/53de8864ba114bf6
- https://www.sqlite.org/cves.html#status_of_recent_sqlite_cves
low severity
- Vulnerable module: openldap/libldap-dev
- Introduced through: openldap/libldap-dev@2.6.10+dfsg-1 and openldap/libldap2@2.6.10+dfsg-1
Detailed paths
-
Introduced through: python@latest › openldap/libldap-dev@2.6.10+dfsg-1
-
Introduced through: python@latest › openldap/libldap2@2.6.10+dfsg-1
NVD Description
Note: Versions mentioned in the description apply only to the upstream openldap
package and not the openldap
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subjectAltName (SAN). This is fixed in, for example, openldap-2.4.46-10.el8 in Red Hat Enterprise Linux.
Remediation
There is no fixed version for Debian:13
openldap
.
References
- https://security-tracker.debian.org/tracker/CVE-2020-15719
- https://access.redhat.com/errata/RHBA-2019:3674
- https://bugs.openldap.org/show_bug.cgi?id=9266
- https://bugzilla.redhat.com/show_bug.cgi?id=1740070
- http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00033.html
- http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00059.html
- https://kc.mcafee.com/corporate/index?page=content&id=SB10365
- https://www.oracle.com/security-alerts/cpuapr2022.html
low severity
- Vulnerable module: apt
- Introduced through: apt@3.0.3 and apt/libapt-pkg7.0@3.0.3
Detailed paths
-
Introduced through: python@latest › apt@3.0.3
-
Introduced through: python@latest › apt/libapt-pkg7.0@3.0.3
NVD Description
Note: Versions mentioned in the description apply only to the upstream apt
package and not the apt
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.
Remediation
There is no fixed version for Debian:13
apt
.
References
- https://security-tracker.debian.org/tracker/CVE-2011-3374
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
- https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
- https://seclists.org/fulldisclosure/2011/Sep/221
- https://snyk.io/vuln/SNYK-LINUX-APT-116518
- https://ubuntu.com/security/CVE-2011-3374
- https://access.redhat.com/security/cve/cve-2011-3374
low severity
- Vulnerable module: binutils
- Introduced through: binutils@2.44-3, binutils/binutils-common@2.44-3 and others
Detailed paths
-
Introduced through: python@latest › binutils@2.44-3
-
Introduced through: python@latest › binutils/binutils-common@2.44-3
-
Introduced through: python@latest › binutils/binutils-x86-64-linux-gnu@2.44-3
-
Introduced through: python@latest › binutils/libbinutils@2.44-3
-
Introduced through: python@latest › binutils/libctf-nobfd0@2.44-3
-
Introduced through: python@latest › binutils/libctf0@2.44-3
-
Introduced through: python@latest › binutils/libgprofng0@2.44-3
-
Introduced through: python@latest › binutils/libsframe1@2.44-3
NVD Description
Note: Versions mentioned in the description apply only to the upstream binutils
package and not the binutils
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
A vulnerability classified as problematic has been found in GNU Binutils 2.43. Affected is the function xstrdup of the file xstrdup.c of the component ld. The manipulation leads to memory leak. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The code maintainer explains: "I'm not going to commit some of the leak fixes I've been working on to the 2.44 branch due to concern that would destabilise ld. All of the reported leaks in this bugzilla have been fixed on binutils master."
Remediation
There is no fixed version for Debian:13
binutils
.
References
low severity
- Vulnerable module: binutils
- Introduced through: binutils@2.44-3, binutils/binutils-common@2.44-3 and others
Detailed paths
-
Introduced through: python@latest › binutils@2.44-3
-
Introduced through: python@latest › binutils/binutils-common@2.44-3
-
Introduced through: python@latest › binutils/binutils-x86-64-linux-gnu@2.44-3
-
Introduced through: python@latest › binutils/libbinutils@2.44-3
-
Introduced through: python@latest › binutils/libctf-nobfd0@2.44-3
-
Introduced through: python@latest › binutils/libctf0@2.44-3
-
Introduced through: python@latest › binutils/libgprofng0@2.44-3
-
Introduced through: python@latest › binutils/libsframe1@2.44-3
NVD Description
Note: Versions mentioned in the description apply only to the upstream binutils
package and not the binutils
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
A vulnerability was found in GNU Binutils 2.44 and classified as problematic. This issue affects the function process_debug_info of the file binutils/dwarf.c of the component DWARF Section Handler. The manipulation leads to memory leak. Attacking locally is a requirement. The identifier of the patch is e51fdff7d2e538c0e5accdd65649ac68e6e0ddd4. It is recommended to apply a patch to fix this issue.
Remediation
There is no fixed version for Debian:13
binutils
.
References
low severity
- Vulnerable module: elfutils/libelf1t64
- Introduced through: elfutils/libelf1t64@0.192-4
Detailed paths
-
Introduced through: python@latest › elfutils/libelf1t64@0.192-4
NVD Description
Note: Versions mentioned in the description apply only to the upstream elfutils
package and not the elfutils
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
A vulnerability has been found in GNU elfutils 0.192 and classified as problematic. This vulnerability affects the function handle_dynamic_symtab of the file readelf.c of the component eu-read. The manipulation leads to null pointer dereference. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The patch is identified as b38e562a4c907e08171c76b8b2def8464d5a104a. It is recommended to apply a patch to fix this issue.
Remediation
There is no fixed version for Debian:13
elfutils
.
References
- https://security-tracker.debian.org/tracker/CVE-2025-1371
- https://sourceware.org/bugzilla/attachment.cgi?id=15926
- https://sourceware.org/bugzilla/show_bug.cgi?id=32655#c2
- https://vuldb.com/?ctiid.295978
- https://vuldb.com/?id.295978
- https://vuldb.com/?submit.496484
- https://www.gnu.org/
- https://sourceware.org/bugzilla/show_bug.cgi?id=32655
low severity
- Vulnerable module: elfutils/libelf1t64
- Introduced through: elfutils/libelf1t64@0.192-4
Detailed paths
-
Introduced through: python@latest › elfutils/libelf1t64@0.192-4
NVD Description
Note: Versions mentioned in the description apply only to the upstream elfutils
package and not the elfutils
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
A vulnerability, which was classified as problematic, has been found in GNU elfutils 0.192. This issue affects the function gelf_getsymshndx of the file strip.c of the component eu-strip. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of the patch is fbf1df9ca286de3323ae541973b08449f8d03aba. It is recommended to apply a patch to fix this issue.
Remediation
There is no fixed version for Debian:13
elfutils
.
References
- https://security-tracker.debian.org/tracker/CVE-2025-1377
- https://sourceware.org/bugzilla/attachment.cgi?id=15941
- https://sourceware.org/bugzilla/show_bug.cgi?id=32673
- https://sourceware.org/bugzilla/show_bug.cgi?id=32673#c2
- https://vuldb.com/?ctiid.295985
- https://vuldb.com/?id.295985
- https://vuldb.com/?submit.497539
- https://www.gnu.org/
low severity
- Vulnerable module: gnupg2/dirmngr
- Introduced through: gnupg2/dirmngr@2.4.7-21+b3, gnupg2/gnupg@2.4.7-21 and others
Detailed paths
-
Introduced through: python@latest › gnupg2/dirmngr@2.4.7-21+b3
-
Introduced through: python@latest › gnupg2/gnupg@2.4.7-21
-
Introduced through: python@latest › gnupg2/gnupg-l10n@2.4.7-21
-
Introduced through: python@latest › gnupg2/gpg@2.4.7-21+b3
-
Introduced through: python@latest › gnupg2/gpg-agent@2.4.7-21+b3
-
Introduced through: python@latest › gnupg2/gpgconf@2.4.7-21+b3
-
Introduced through: python@latest › gnupg2/gpgsm@2.4.7-21+b3
NVD Description
Note: Versions mentioned in the description apply only to the upstream gnupg2
package and not the gnupg2
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
GnuPG can be made to spin on a relatively small input by (for example) crafting a public key with thousands of signatures attached, compressed down to just a few KB.
Remediation
There is no fixed version for Debian:13
gnupg2
.
References
- https://security-tracker.debian.org/tracker/CVE-2022-3219
- https://access.redhat.com/security/cve/CVE-2022-3219
- https://bugzilla.redhat.com/show_bug.cgi?id=2127010
- https://dev.gnupg.org/D556
- https://dev.gnupg.org/T5993
- https://marc.info/?l=oss-security&m=165696590211434&w=4
- https://security.netapp.com/advisory/ntap-20230324-0001/
low severity
new
- Vulnerable module: libxml2
- Introduced through: libxml2@2.12.7+dfsg+really2.9.14-2.1 and libxml2/libxml2-dev@2.12.7+dfsg+really2.9.14-2.1
Detailed paths
-
Introduced through: python@latest › libxml2@2.12.7+dfsg+really2.9.14-2.1
-
Introduced through: python@latest › libxml2/libxml2-dev@2.12.7+dfsg+really2.9.14-2.1
NVD Description
Note: Versions mentioned in the description apply only to the upstream libxml2
package and not the libxml2
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function xmlParseSGMLCatalog of the component xmlcatalog. The manipulation leads to uncontrolled recursion. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The code maintainer explains, that "[t]he issue can only be triggered with untrusted SGML catalogs and it makes absolutely no sense to use untrusted catalogs. I also doubt that anyone is still using SGML catalogs at all."
Remediation
There is no fixed version for Debian:13
libxml2
.
References
- https://security-tracker.debian.org/tracker/CVE-2025-8732
- https://drive.google.com/file/d/1woIeYVcSQB_NwfEhaVnX6MedpWJ_nqWl/view?usp=drive_link
- https://gitlab.gnome.org/GNOME/libxml2/-/issues/958
- https://gitlab.gnome.org/GNOME/libxml2/-/issues/958#note_2505853
- https://vuldb.com/?ctiid.319228
- https://vuldb.com/?id.319228
- https://vuldb.com/?submit.622285
low severity
- Vulnerable module: ncurses/libncurses-dev
- Introduced through: ncurses/libncurses-dev@6.5+20250216-2, ncurses/libncurses6@6.5+20250216-2 and others
Detailed paths
-
Introduced through: python@latest › ncurses/libncurses-dev@6.5+20250216-2
-
Introduced through: python@latest › ncurses/libncurses6@6.5+20250216-2
-
Introduced through: python@latest › ncurses/libncursesw6@6.5+20250216-2
-
Introduced through: python@latest › ncurses/libtinfo6@6.5+20250216-2
-
Introduced through: python@latest › ncurses/ncurses-base@6.5+20250216-2
-
Introduced through: python@latest › ncurses/ncurses-bin@6.5+20250216-2
NVD Description
Note: Versions mentioned in the description apply only to the upstream ncurses
package and not the ncurses
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
A vulnerability has been found in GNU ncurses up to 6.5-20250322 and classified as problematic. This vulnerability affects the function postprocess_termcap of the file tinfo/parse_entry.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. Upgrading to version 6.5-20250329 is able to address this issue. It is recommended to upgrade the affected component.
Remediation
There is no fixed version for Debian:13
ncurses
.
References
- https://security-tracker.debian.org/tracker/CVE-2025-6141
- https://invisible-island.net/ncurses/NEWS.html#index-t20250329
- https://lists.gnu.org/archive/html/bug-ncurses/2025-03/msg00107.html
- https://lists.gnu.org/archive/html/bug-ncurses/2025-03/msg00109.html
- https://lists.gnu.org/archive/html/bug-ncurses/2025-03/msg00114.html
- https://vuldb.com/?ctiid.312610
- https://vuldb.com/?id.312610
- https://vuldb.com/?submit.593000
- https://www.gnu.org/
low severity
- Vulnerable module: perl
- Introduced through: perl@5.40.1-6, perl/libperl5.40@5.40.1-6 and others
Detailed paths
-
Introduced through: python@latest › perl@5.40.1-6
-
Introduced through: python@latest › perl/libperl5.40@5.40.1-6
-
Introduced through: python@latest › perl/perl-base@5.40.1-6
-
Introduced through: python@latest › perl/perl-modules-5.40@5.40.1-6
NVD Description
Note: Versions mentioned in the description apply only to the upstream perl
package and not the perl
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
_is_safe in the File::Temp module for Perl does not properly handle symlinks.
Remediation
There is no fixed version for Debian:13
perl
.
References
- https://security-tracker.debian.org/tracker/CVE-2011-4116
- https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14
- https://rt.cpan.org/Public/Bug/Display.html?id=69106
- https://seclists.org/oss-sec/2011/q4/238
- http://www.openwall.com/lists/oss-security/2011/11/04/2
- http://www.openwall.com/lists/oss-security/2011/11/04/4
low severity
new
- Vulnerable module: tiff/libtiff-dev
- Introduced through: tiff/libtiff-dev@4.7.0-3, tiff/libtiff6@4.7.0-3 and others
Detailed paths
-
Introduced through: python@latest › tiff/libtiff-dev@4.7.0-3
-
Introduced through: python@latest › tiff/libtiff6@4.7.0-3
-
Introduced through: python@latest › tiff/libtiffxx6@4.7.0-3
NVD Description
Note: Versions mentioned in the description apply only to the upstream tiff
package and not the tiff
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
A flaw has been found in LibTIFF 4.7.0. This affects the function _TIFFmallocExt/_TIFFCheckRealloc/TIFFHashSetNew/InitCCITTFax3 of the file tools/tiffcmp.c of the component tiffcmp. Executing manipulation can lead to memory leak. The attack is restricted to local execution. The exploit has been published and may be used. This patch is called ed141286a37f6e5ddafb5069347ff5d587e7a4e0. It is best practice to apply a patch to resolve this issue.
Remediation
There is no fixed version for Debian:13
tiff
.
References
- https://security-tracker.debian.org/tracker/CVE-2025-9165
- http://www.libtiff.org/
- https://drive.google.com/file/d/1FWhmkzksH8-qU0ZM6seBzGNB3aPnX3G8/view?usp=sharing
- https://gitlab.com/libtiff/libtiff/-/commit/ed141286a37f6e5ddafb5069347ff5d587e7a4e0
- https://gitlab.com/libtiff/libtiff/-/issues/728
- https://gitlab.com/libtiff/libtiff/-/merge_requests/747
- https://vuldb.com/?ctiid.320543
- https://vuldb.com/?id.320543
- https://vuldb.com/?submit.630506
- https://vuldb.com/?submit.630507
- https://gitlab.com/libtiff/libtiff/-/issues/728#note_2709263214
low severity
new
- Vulnerable module: tiff/libtiff-dev
- Introduced through: tiff/libtiff-dev@4.7.0-3, tiff/libtiff6@4.7.0-3 and others
Detailed paths
-
Introduced through: python@latest › tiff/libtiff-dev@4.7.0-3
-
Introduced through: python@latest › tiff/libtiff6@4.7.0-3
-
Introduced through: python@latest › tiff/libtiffxx6@4.7.0-3
NVD Description
Note: Versions mentioned in the description apply only to the upstream tiff
package and not the tiff
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
A weakness has been identified in LibTIFF 4.7.0. This affects the function main of the file tiffcrop.c of the component tiffcrop. Executing manipulation can lead to memory corruption. The attack can only be executed locally. The exploit has been made available to the public and could be exploited.
Remediation
There is no fixed version for Debian:13
tiff
.
References
- https://security-tracker.debian.org/tracker/CVE-2025-8961
- http://www.libtiff.org/
- https://drive.google.com/file/d/15L4q2eD8GX3Aj3z6SWC3_FbqaM1ChUx2/view?usp=sharing
- https://gitlab.com/libtiff/libtiff/-/issues/721
- https://gitlab.com/libtiff/libtiff/-/issues/721#note_2670686960
- https://vuldb.com/?ctiid.319955
- https://vuldb.com/?id.319955
- https://vuldb.com/?submit.627957
low severity
- Vulnerable module: tiff/libtiff-dev
- Introduced through: tiff/libtiff-dev@4.7.0-3, tiff/libtiff6@4.7.0-3 and others
Detailed paths
-
Introduced through: python@latest › tiff/libtiff-dev@4.7.0-3
-
Introduced through: python@latest › tiff/libtiff6@4.7.0-3
-
Introduced through: python@latest › tiff/libtiffxx6@4.7.0-3
NVD Description
Note: Versions mentioned in the description apply only to the upstream tiff
package and not the tiff
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
An issue was found in the tiffcp utility distributed by the libtiff package where a crafted TIFF file on processing may cause a heap-based buffer overflow leads to an application crash.
Remediation
There is no fixed version for Debian:13
tiff
.
References
low severity
- Vulnerable module: unzip
- Introduced through: unzip@6.0-29
Detailed paths
-
Introduced through: python@latest › unzip@6.0-29
NVD Description
Note: Versions mentioned in the description apply only to the upstream unzip
package and not the unzip
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
A flaw was found in unzip. The vulnerability occurs due to improper handling of Unicode strings, which can lead to a null pointer dereference. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.
Remediation
There is no fixed version for Debian:13
unzip
.
References
low severity
- Vulnerable module: binutils
- Introduced through: binutils@2.44-3, binutils/binutils-common@2.44-3 and others
Detailed paths
-
Introduced through: python@latest › binutils@2.44-3
-
Introduced through: python@latest › binutils/binutils-common@2.44-3
-
Introduced through: python@latest › binutils/binutils-x86-64-linux-gnu@2.44-3
-
Introduced through: python@latest › binutils/libbinutils@2.44-3
-
Introduced through: python@latest › binutils/libctf-nobfd0@2.44-3
-
Introduced through: python@latest › binutils/libctf0@2.44-3
-
Introduced through: python@latest › binutils/libgprofng0@2.44-3
-
Introduced through: python@latest › binutils/libsframe1@2.44-3
NVD Description
Note: Versions mentioned in the description apply only to the upstream binutils
package and not the binutils
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
A vulnerability was found in GNU Binutils 2.43. It has been declared as problematic. This vulnerability affects the function bfd_malloc of the file libbfd.c of the component ld. The manipulation leads to memory leak. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The code maintainer explains: "I'm not going to commit some of the leak fixes I've been working on to the 2.44 branch due to concern that would destabilise ld. All of the reported leaks in this bugzilla have been fixed on binutils master."
Remediation
There is no fixed version for Debian:13
binutils
.
References
low severity
- Vulnerable module: binutils
- Introduced through: binutils@2.44-3, binutils/binutils-common@2.44-3 and others
Detailed paths
-
Introduced through: python@latest › binutils@2.44-3
-
Introduced through: python@latest › binutils/binutils-common@2.44-3
-
Introduced through: python@latest › binutils/binutils-x86-64-linux-gnu@2.44-3
-
Introduced through: python@latest › binutils/libbinutils@2.44-3
-
Introduced through: python@latest › binutils/libctf-nobfd0@2.44-3
-
Introduced through: python@latest › binutils/libctf0@2.44-3
-
Introduced through: python@latest › binutils/libgprofng0@2.44-3
-
Introduced through: python@latest › binutils/libsframe1@2.44-3
NVD Description
Note: Versions mentioned in the description apply only to the upstream binutils
package and not the binutils
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
A vulnerability was found in GNU Binutils 2.43. It has been rated as problematic. This issue affects the function xmemdup of the file xmemdup.c of the component ld. The manipulation leads to memory leak. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The code maintainer explains: "I'm not going to commit some of the leak fixes I've been working on to the 2.44 branch due to concern that would destabilise ld. All of the reported leaks in this bugzilla have been fixed on binutils master."
Remediation
There is no fixed version for Debian:13
binutils
.
References
low severity
- Vulnerable module: binutils
- Introduced through: binutils@2.44-3, binutils/binutils-common@2.44-3 and others
Detailed paths
-
Introduced through: python@latest › binutils@2.44-3
-
Introduced through: python@latest › binutils/binutils-common@2.44-3
-
Introduced through: python@latest › binutils/binutils-x86-64-linux-gnu@2.44-3
-
Introduced through: python@latest › binutils/libbinutils@2.44-3
-
Introduced through: python@latest › binutils/libctf-nobfd0@2.44-3
-
Introduced through: python@latest › binutils/libctf0@2.44-3
-
Introduced through: python@latest › binutils/libgprofng0@2.44-3
-
Introduced through: python@latest › binutils/libsframe1@2.44-3
NVD Description
Note: Versions mentioned in the description apply only to the upstream binutils
package and not the binutils
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
A vulnerability was found in GNU Binutils 2.43. It has been classified as problematic. This affects the function xstrdup of the file libiberty/xmalloc.c of the component ld. The manipulation leads to memory leak. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The code maintainer explains: "I'm not going to commit some of the leak fixes I've been working on to the 2.44 branch due to concern that would destabilise ld. All of the reported leaks in this bugzilla have been fixed on binutils master."
Remediation
There is no fixed version for Debian:13
binutils
.
References
low severity
- Vulnerable module: binutils
- Introduced through: binutils@2.44-3, binutils/binutils-common@2.44-3 and others
Detailed paths
-
Introduced through: python@latest › binutils@2.44-3
-
Introduced through: python@latest › binutils/binutils-common@2.44-3
-
Introduced through: python@latest › binutils/binutils-x86-64-linux-gnu@2.44-3
-
Introduced through: python@latest › binutils/libbinutils@2.44-3
-
Introduced through: python@latest › binutils/libctf-nobfd0@2.44-3
-
Introduced through: python@latest › binutils/libctf0@2.44-3
-
Introduced through: python@latest › binutils/libgprofng0@2.44-3
-
Introduced through: python@latest › binutils/libsframe1@2.44-3
NVD Description
Note: Versions mentioned in the description apply only to the upstream binutils
package and not the binutils
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
A vulnerability was found in GNU Binutils 2.43 and classified as problematic. Affected by this issue is the function link_order_scan of the file ld/ldelfgen.c of the component ld. The manipulation leads to memory leak. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The code maintainer explains: "I'm not going to commit some of the leak fixes I've been working on to the 2.44 branch due to concern that would destabilise ld. All of the reported leaks in this bugzilla have been fixed on binutils master."
Remediation
There is no fixed version for Debian:13
binutils
.
References
- https://security-tracker.debian.org/tracker/CVE-2025-1148
- https://sourceware.org/bugzilla/attachment.cgi?id=15887
- https://sourceware.org/bugzilla/show_bug.cgi?id=32576
- https://vuldb.com/?ctiid.295052
- https://vuldb.com/?id.295052
- https://vuldb.com/?submit.485747
- https://www.gnu.org/
- https://security.netapp.com/advisory/ntap-20250404-0004/
low severity
- Vulnerable module: binutils
- Introduced through: binutils@2.44-3, binutils/binutils-common@2.44-3 and others
Detailed paths
-
Introduced through: python@latest › binutils@2.44-3
-
Introduced through: python@latest › binutils/binutils-common@2.44-3
-
Introduced through: python@latest › binutils/binutils-x86-64-linux-gnu@2.44-3
-
Introduced through: python@latest › binutils/libbinutils@2.44-3
-
Introduced through: python@latest › binutils/libctf-nobfd0@2.44-3
-
Introduced through: python@latest › binutils/libctf0@2.44-3
-
Introduced through: python@latest › binutils/libgprofng0@2.44-3
-
Introduced through: python@latest › binutils/libsframe1@2.44-3
NVD Description
Note: Versions mentioned in the description apply only to the upstream binutils
package and not the binutils
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
A vulnerability classified as problematic has been found in GNU Binutils 2.43. This affects the function _bfd_elf_write_section_eh_frame of the file bfd/elf-eh-frame.c of the component ld. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue.
Remediation
There is no fixed version for Debian:13
binutils
.
References
low severity
- Vulnerable module: elfutils/libelf1t64
- Introduced through: elfutils/libelf1t64@0.192-4
Detailed paths
-
Introduced through: python@latest › elfutils/libelf1t64@0.192-4
NVD Description
Note: Versions mentioned in the description apply only to the upstream elfutils
package and not the elfutils
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
A vulnerability classified as problematic was found in GNU elfutils 0.192. This vulnerability affects the function elf_strptr in the library /libelf/elf_strptr.c of the component eu-strip. The manipulation leads to denial of service. It is possible to launch the attack on the local host. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The name of the patch is b16f441cca0a4841050e3215a9f120a6d8aea918. It is recommended to apply a patch to fix this issue.
Remediation
There is no fixed version for Debian:13
elfutils
.
References
- https://security-tracker.debian.org/tracker/CVE-2025-1376
- https://sourceware.org/bugzilla/attachment.cgi?id=15940
- https://sourceware.org/bugzilla/show_bug.cgi?id=32672
- https://sourceware.org/bugzilla/show_bug.cgi?id=32672#c3
- https://vuldb.com/?ctiid.295984
- https://vuldb.com/?id.295984
- https://vuldb.com/?submit.497538
- https://www.gnu.org/
low severity
new
- Vulnerable module: tiff/libtiff-dev
- Introduced through: tiff/libtiff-dev@4.7.0-3, tiff/libtiff6@4.7.0-3 and others
Detailed paths
-
Introduced through: python@latest › tiff/libtiff-dev@4.7.0-3
-
Introduced through: python@latest › tiff/libtiff6@4.7.0-3
-
Introduced through: python@latest › tiff/libtiffxx6@4.7.0-3
NVD Description
Note: Versions mentioned in the description apply only to the upstream tiff
package and not the tiff
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as problematic. Affected by this vulnerability is the function t2p_read_tiff_init of the file tools/tiff2pdf.c of the component fax2ps. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The complexity of an attack is rather high. The exploitation appears to be difficult. The patch is named 2ebfffb0e8836bfb1cd7d85c059cd285c59761a4. It is recommended to apply a patch to fix this issue.
Remediation
There is no fixed version for Debian:13
tiff
.
References
- https://security-tracker.debian.org/tracker/CVE-2024-13978
- http://www.libtiff.org/
- https://gitlab.com/libtiff/libtiff/-/commit/2ebfffb0e8836bfb1cd7d85c059cd285c59761a4
- https://gitlab.com/libtiff/libtiff/-/merge_requests/667
- https://vuldb.com/?ctiid.318355
- https://vuldb.com/?id.318355
- https://vuldb.com/?submit.624562
- https://gitlab.com/libtiff/libtiff/-/issues/649
low severity
new
- Vulnerable module: tiff/libtiff-dev
- Introduced through: tiff/libtiff-dev@4.7.0-3, tiff/libtiff6@4.7.0-3 and others
Detailed paths
-
Introduced through: python@latest › tiff/libtiff-dev@4.7.0-3
-
Introduced through: python@latest › tiff/libtiff6@4.7.0-3
-
Introduced through: python@latest › tiff/libtiffxx6@4.7.0-3
NVD Description
Note: Versions mentioned in the description apply only to the upstream tiff
package and not the tiff
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
A vulnerability classified as problematic was found in libtiff 4.6.0. This vulnerability affects the function PS_Lvl2page of the file tools/tiff2ps.c of the component tiff2ps. The manipulation leads to null pointer dereference. It is possible to launch the attack on the local host. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The name of the patch is 6ba36f159fd396ad11bf6b7874554197736ecc8b. It is recommended to apply a patch to fix this issue. One of the maintainers explains, that "[t]his error only occurs if DEFER_STRILE_LOAD (defer-strile-load:BOOL=ON) or TIFFOpen( .. "rD") option is used."
Remediation
There is no fixed version for Debian:13
tiff
.
References
- https://security-tracker.debian.org/tracker/CVE-2025-8534
- http://www.libtiff.org/
- https://drive.google.com/file/d/15JPA3kLYiYD-nRNJ8y8HmnYjhv9NE7k6/view?usp=drive_link
- https://gitlab.com/libtiff/libtiff/-/commit/6ba36f159fd396ad11bf6b7874554197736ecc8b
- https://gitlab.com/libtiff/libtiff/-/merge_requests/746
- https://vuldb.com/?ctiid.318664
- https://vuldb.com/?id.318664
- https://gitlab.com/libtiff/libtiff/-/issues/718
- https://vuldb.com/?submit.617831
low severity
- Vulnerable module: bluez/libbluetooth-dev
- Introduced through: bluez/libbluetooth-dev@5.82-1.1 and bluez/libbluetooth3@5.82-1.1
Detailed paths
-
Introduced through: python@latest › bluez/libbluetooth-dev@5.82-1.1
-
Introduced through: python@latest › bluez/libbluetooth3@5.82-1.1
NVD Description
Note: Versions mentioned in the description apply only to the upstream bluez
package and not the bluez
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious Bluetooth device.
The specific flaw exists within the handling of the Phone Book Access profile. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20939.
Remediation
There is no fixed version for Debian:13
bluez
.
References
low severity
new
- Vulnerable module: cairo/libcairo-gobject2
- Introduced through: cairo/libcairo-gobject2@1.18.4-1+b1, cairo/libcairo-script-interpreter2@1.18.4-1+b1 and others
Detailed paths
-
Introduced through: python@latest › cairo/libcairo-gobject2@1.18.4-1+b1
-
Introduced through: python@latest › cairo/libcairo-script-interpreter2@1.18.4-1+b1
-
Introduced through: python@latest › cairo/libcairo2@1.18.4-1+b1
-
Introduced through: python@latest › cairo/libcairo2-dev@1.18.4-1+b1
NVD Description
Note: Versions mentioned in the description apply only to the upstream cairo
package and not the cairo
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
Cairo through 1.18.4, as used in Poppler through 25.08.0, has an "unscaled->face == NULL" assertion failure for _cairo_ft_unscaled_font_fini in cairo-ft-font.c.
Remediation
There is no fixed version for Debian:13
cairo
.
References
- https://security-tracker.debian.org/tracker/CVE-2025-50422
- http://freedesktop.com
- http://poppler.com
- https://github.com/Landw-hub/CVE-2025-50422
- https://gitlab.freedesktop.org/cairo/cairo/-/merge_requests/621
- https://gitlab.freedesktop.org/poppler/poppler/-/issues/1591
- https://gitlab.freedesktop.org/poppler/poppler/-/issues/1591#note_3045081
low severity
- Vulnerable module: elfutils/libelf1t64
- Introduced through: elfutils/libelf1t64@0.192-4
Detailed paths
-
Introduced through: python@latest › elfutils/libelf1t64@0.192-4
NVD Description
Note: Versions mentioned in the description apply only to the upstream elfutils
package and not the elfutils
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
elfutils v0.189 was discovered to contain a NULL pointer dereference via the handle_verdef() function at readelf.c.
Remediation
There is no fixed version for Debian:13
elfutils
.
References
low severity
- Vulnerable module: git
- Introduced through: git@1:2.47.2-0.2 and git/git-man@1:2.47.2-0.2
Detailed paths
-
Introduced through: python@latest › git@1:2.47.2-0.2
-
Introduced through: python@latest › git/git-man@1:2.47.2-0.2
NVD Description
Note: Versions mentioned in the description apply only to the upstream git
package and not the git
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
Git GUI allows you to use the Git source control management tools via a GUI. When a user clones an untrusted repository and is tricked into editing a file located in a maliciously named directory in the repository, then Git GUI can create and overwrite files for which the user has write permission. This vulnerability is fixed in 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50.1.
Remediation
There is no fixed version for Debian:13
git
.
References
low severity
- Vulnerable module: git
- Introduced through: git@1:2.47.2-0.2 and git/git-man@1:2.47.2-0.2
Detailed paths
-
Introduced through: python@latest › git@1:2.47.2-0.2
-
Introduced through: python@latest › git/git-man@1:2.47.2-0.2
NVD Description
Note: Versions mentioned in the description apply only to the upstream git
package and not the git
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When cloning a repository Git knows to optionally fetch a bundle advertised by the remote server, which allows the server-side to offload parts of the clone to a CDN. The Git client does not perform sufficient validation of the advertised bundles, which allows the remote side to perform protocol injection. This protocol injection can cause the client to write the fetched bundle to a location controlled by the adversary. The fetched content is fully controlled by the server, which can in the worst case lead to arbitrary code execution. The use of bundle URIs is not enabled by default and can be controlled by the bundle.heuristic config option. Some cases of the vulnerability require that the adversary is in control of where a repository will be cloned to. This either requires social engineering or a recursive clone with submodules. These cases can thus be avoided by disabling recursive clones. This vulnerability is fixed in v2.43.7, v2.44.4, v2.45.4, v2.46.4, v2.47.3, v2.48.2, v2.49.1, and v2.50.1.
Remediation
There is no fixed version for Debian:13
git
.
References
low severity
- Vulnerable module: git
- Introduced through: git@1:2.47.2-0.2 and git/git-man@1:2.47.2-0.2
Detailed paths
-
Introduced through: python@latest › git@1:2.47.2-0.2
-
Introduced through: python@latest › git/git-man@1:2.47.2-0.2
NVD Description
Note: Versions mentioned in the description apply only to the upstream git
package and not the git
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
Git is a source code management tool. When cloning from a server (or fetching, or pushing), informational or error messages are transported from the remote Git process to the client via the so-called "sideband channel". These messages will be prefixed with "remote:" and printed directly to the standard error output. Typically, this standard error output is connected to a terminal that understands ANSI escape sequences, which Git did not protect against. Most modern terminals support control sequences that can be used by a malicious actor to hide and misrepresent information, or to mislead the user into executing untrusted scripts. As requested on the git-security mailing list, the patches are under discussion on the public mailing list. Users are advised to update as soon as possible. Users unable to upgrade should avoid recursive clones unless they are from trusted sources.
Remediation
There is no fixed version for Debian:13
git
.
References
low severity
- Vulnerable module: git
- Introduced through: git@1:2.47.2-0.2 and git/git-man@1:2.47.2-0.2
Detailed paths
-
Introduced through: python@latest › git@1:2.47.2-0.2
-
Introduced through: python@latest › git/git-man@1:2.47.2-0.2
NVD Description
Note: Versions mentioned in the description apply only to the upstream git
package and not the git
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When reading a config value, Git strips any trailing carriage return and line feed (CRLF). When writing a config entry, values with a trailing CR are not quoted, causing the CR to be lost when the config is later read. When initializing a submodule, if the submodule path contains a trailing CR, the altered path is read resulting in the submodule being checked out to an incorrect location. If a symlink exists that points the altered path to the submodule hooks directory, and the submodule contains an executable post-checkout hook, the script may be unintentionally executed after checkout. This vulnerability is fixed in v2.43.7, v2.44.4, v2.45.4, v2.46.4, v2.47.3, v2.48.2, v2.49.1, and v2.50.1.
Remediation
There is no fixed version for Debian:13
git
.
References
low severity
- Vulnerable module: git
- Introduced through: git@1:2.47.2-0.2 and git/git-man@1:2.47.2-0.2
Detailed paths
-
Introduced through: python@latest › git@1:2.47.2-0.2
-
Introduced through: python@latest › git/git-man@1:2.47.2-0.2
NVD Description
Note: Versions mentioned in the description apply only to the upstream git
package and not the git
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
Gitk is a Tcl/Tk based Git history browser. Starting with 1.7.0, when a user clones an untrusted repository and runs gitk without additional command arguments, files for which the user has write permission can be created and truncated. The option Support per-file encoding must have been enabled before in Gitk's Preferences. This option is disabled by default. The same happens when Show origin of this line is used in the main window (regardless of whether Support per-file encoding is enabled or not). This vulnerability is fixed in 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50.1.
Remediation
There is no fixed version for Debian:13
git
.
References
- https://security-tracker.debian.org/tracker/CVE-2025-27613
- https://github.com/j6t/gitk/compare/465f03869ae11acd04abfa1b83c67879c867410c..026c397d911cde55924d7eb1311d0fd6e2e105d5
- https://github.com/j6t/gitk/compare/7dd272eca153058da2e8d5b9960bbbf0b4f0cbaa..67a128b91e25978a15f9f7e194d81b441d603652
- https://github.com/j6t/gitk/security/advisories/GHSA-f3cw-xrj3-wr2v
low severity
- Vulnerable module: git
- Introduced through: git@1:2.47.2-0.2 and git/git-man@1:2.47.2-0.2
Detailed paths
-
Introduced through: python@latest › git@1:2.47.2-0.2
-
Introduced through: python@latest › git/git-man@1:2.47.2-0.2
NVD Description
Note: Versions mentioned in the description apply only to the upstream git
package and not the git
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
Gitk is a Tcl/Tk based Git history browser. Starting with 2.41.0, a Git repository can be crafted in such a way that with some social engineering a user who has cloned the repository can be tricked into running any script (e.g., Bourne shell, Perl, Python, ...) supplied by the attacker by invoking gitk filename, where filename has a particular structure. The script is run with the privileges of the user. This vulnerability is fixed in 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50.
Remediation
There is no fixed version for Debian:13
git
.
References
low severity
new
- Vulnerable module: glib2.0/gir1.2-glib-2.0
- Introduced through: glib2.0/gir1.2-glib-2.0@2.84.3-1, glib2.0/gir1.2-glib-2.0-dev@2.84.3-1 and others
Detailed paths
-
Introduced through: python@latest › glib2.0/gir1.2-glib-2.0@2.84.3-1
-
Introduced through: python@latest › glib2.0/gir1.2-glib-2.0-dev@2.84.3-1
-
Introduced through: python@latest › glib2.0/girepository-tools@2.84.3-1
-
Introduced through: python@latest › glib2.0/libgio-2.0-dev@2.84.3-1
-
Introduced through: python@latest › glib2.0/libgio-2.0-dev-bin@2.84.3-1
-
Introduced through: python@latest › glib2.0/libgirepository-2.0-0@2.84.3-1
-
Introduced through: python@latest › glib2.0/libglib2.0-0t64@2.84.3-1
-
Introduced through: python@latest › glib2.0/libglib2.0-bin@2.84.3-1
-
Introduced through: python@latest › glib2.0/libglib2.0-data@2.84.3-1
-
Introduced through: python@latest › glib2.0/libglib2.0-dev@2.84.3-1
-
Introduced through: python@latest › glib2.0/libglib2.0-dev-bin@2.84.3-1
NVD Description
This vulnerability has not been analyzed by NVD yet.
Remediation
There is no fixed version for Debian:13
glib2.0
.
References
low severity
- Vulnerable module: imagemagick
- Introduced through: imagemagick@8:7.1.1.43+dfsg1-1, imagemagick/imagemagick-7-common@8:7.1.1.43+dfsg1-1 and others
Detailed paths
-
Introduced through: python@latest › imagemagick@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/imagemagick-7-common@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/imagemagick-7.q16@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7-arch-config@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7-headers@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-10@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-10-extra@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7-headers@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7.q16-10@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7.q16-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-dev@8:7.1.1.43+dfsg1-1
NVD Description
Note: Versions mentioned in the description apply only to the upstream imagemagick
package and not the imagemagick
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0 and 6.9.13-26, in ImageMagick's magick mogrify
command, specifying multiple consecutive %d
format specifiers in a filename template causes internal pointer arithmetic to generate an address below the beginning of the stack buffer, resulting in a stack overflow through vsnprintf()
. Versions 7.1.2-0 and 6.9.13-26 fix the issue.
Remediation
There is no fixed version for Debian:13
imagemagick
.
References
low severity
- Vulnerable module: imagemagick
- Introduced through: imagemagick@8:7.1.1.43+dfsg1-1, imagemagick/imagemagick-7-common@8:7.1.1.43+dfsg1-1 and others
Detailed paths
-
Introduced through: python@latest › imagemagick@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/imagemagick-7-common@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/imagemagick-7.q16@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7-arch-config@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7-headers@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-10@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-10-extra@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7-headers@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7.q16-10@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7.q16-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-dev@8:7.1.1.43+dfsg1-1
NVD Description
Note: Versions mentioned in the description apply only to the upstream imagemagick
package and not the imagemagick
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
In MIFF image processing in ImageMagick before 7.1.1-44, image depth is mishandled after SetQuantumFormat is used.
Remediation
There is no fixed version for Debian:13
imagemagick
.
References
low severity
- Vulnerable module: imagemagick
- Introduced through: imagemagick@8:7.1.1.43+dfsg1-1, imagemagick/imagemagick-7-common@8:7.1.1.43+dfsg1-1 and others
Detailed paths
-
Introduced through: python@latest › imagemagick@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/imagemagick-7-common@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/imagemagick-7.q16@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7-arch-config@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7-headers@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-10@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-10-extra@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7-headers@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7.q16-10@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7.q16-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-dev@8:7.1.1.43+dfsg1-1
NVD Description
Note: Versions mentioned in the description apply only to the upstream imagemagick
package and not the imagemagick
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
In multispectral MIFF image processing in ImageMagick before 7.1.1-44, packet_size is mishandled (related to the rendering of all channels in an arbitrary order).
Remediation
There is no fixed version for Debian:13
imagemagick
.
References
low severity
new
- Vulnerable module: imagemagick
- Introduced through: imagemagick@8:7.1.1.43+dfsg1-1, imagemagick/imagemagick-7-common@8:7.1.1.43+dfsg1-1 and others
Detailed paths
-
Introduced through: python@latest › imagemagick@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/imagemagick-7-common@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/imagemagick-7.q16@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7-arch-config@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7-headers@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-10@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-10-extra@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7-headers@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7.q16-10@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7.q16-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-dev@8:7.1.1.43+dfsg1-1
NVD Description
Note: Versions mentioned in the description apply only to the upstream imagemagick
package and not the imagemagick
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-28 and 7.1.2-2, passing a geometry string containing only a colon (":") to montage -geometry leads GetGeometry() to set width/height to 0. Later, ThumbnailImage() divides by these zero dimensions, triggering a crash (SIGFPE/abort), resulting in a denial of service. This issue has been patched in versions 6.9.13-28 and 7.1.2-2.
Remediation
There is no fixed version for Debian:13
imagemagick
.
References
- https://security-tracker.debian.org/tracker/CVE-2025-55212
- https://github.com/ImageMagick/ImageMagick/blob/0ba1b587be17543b664f7ad538e9e51e0da59d17/MagickCore/geometry.c#L355
- https://github.com/ImageMagick/ImageMagick/blob/0ba1b587be17543b664f7ad538e9e51e0da59d17/MagickCore/resize.c#L4625-L4629
- https://github.com/ImageMagick/ImageMagick/commit/5f0bcf986b8b5e90567750d31a37af502b73f2af
- https://github.com/dlemstra/Magick.NET/releases/tag/14.8.1
- https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-fh55-q5pj-pxgw
low severity
new
- Vulnerable module: imagemagick
- Introduced through: imagemagick@8:7.1.1.43+dfsg1-1, imagemagick/imagemagick-7-common@8:7.1.1.43+dfsg1-1 and others
Detailed paths
-
Introduced through: python@latest › imagemagick@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/imagemagick-7-common@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/imagemagick-7.q16@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7-arch-config@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7-headers@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-10@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-10-extra@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7-headers@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7.q16-10@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7.q16-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-dev@8:7.1.1.43+dfsg1-1
NVD Description
Note: Versions mentioned in the description apply only to the upstream imagemagick
package and not the imagemagick
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-1, when preparing to transform from Log to sRGB colorspaces, the logmap construction fails to handle cases where the reference-black or reference-white value is larger than 1024. This leads to corrupting memory beyond the end of the allocated logmap buffer. This issue has been patched in version 7.1.2-1.
Remediation
There is no fixed version for Debian:13
imagemagick
.
References
low severity
new
- Vulnerable module: imagemagick
- Introduced through: imagemagick@8:7.1.1.43+dfsg1-1, imagemagick/imagemagick-7-common@8:7.1.1.43+dfsg1-1 and others
Detailed paths
-
Introduced through: python@latest › imagemagick@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/imagemagick-7-common@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/imagemagick-7.q16@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7-arch-config@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7-headers@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-10@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-10-extra@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7-headers@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7.q16-10@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7.q16-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-dev@8:7.1.1.43+dfsg1-1
NVD Description
Note: Versions mentioned in the description apply only to the upstream imagemagick
package and not the imagemagick
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-28 and 7.1.2-2 for ImageMagick's 32-bit build, a 32-bit integer overflow in the BMP encoder’s scanline-stride computation collapses bytes_per_line (stride) to a tiny value while the per-row writer still emits 3 × width bytes for 24-bpp images. The row base pointer advances using the (overflowed) stride, so the first row immediately writes past its slot and into adjacent heap memory with attacker-controlled bytes. This is a classic, powerful primitive for heap corruption in common auto-convert pipelines. This issue has been patched in versions 6.9.13-28 and 7.1.2-2.
Remediation
There is no fixed version for Debian:13
imagemagick
.
References
low severity
new
- Vulnerable module: imagemagick
- Introduced through: imagemagick@8:7.1.1.43+dfsg1-1, imagemagick/imagemagick-7-common@8:7.1.1.43+dfsg1-1 and others
Detailed paths
-
Introduced through: python@latest › imagemagick@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/imagemagick-7-common@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/imagemagick-7.q16@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7-arch-config@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7-headers@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-10@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-10-extra@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7-headers@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7.q16-10@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7.q16-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-dev@8:7.1.1.43+dfsg1-1
NVD Description
Note: Versions mentioned in the description apply only to the upstream imagemagick
package and not the imagemagick
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1.2-1, the magnified size calculations in ReadOneMNGIMage (in coders/png.c) are unsafe and can overflow, leading to memory corruption. This issue has been patched in versions 6.9.13-27 and 7.1.2-1.
Remediation
There is no fixed version for Debian:13
imagemagick
.
References
low severity
- Vulnerable module: imagemagick
- Introduced through: imagemagick@8:7.1.1.43+dfsg1-1, imagemagick/imagemagick-7-common@8:7.1.1.43+dfsg1-1 and others
Detailed paths
-
Introduced through: python@latest › imagemagick@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/imagemagick-7-common@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/imagemagick-7.q16@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7-arch-config@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7-headers@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-10@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-10-extra@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7-headers@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7.q16-10@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7.q16-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-dev@8:7.1.1.43+dfsg1-1
NVD Description
Note: Versions mentioned in the description apply only to the upstream imagemagick
package and not the imagemagick
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0, infinite lines occur when writing during a specific XMP file conversion command. Version 7.1.2-0 fixes the issue.
Remediation
There is no fixed version for Debian:13
imagemagick
.
References
low severity
- Vulnerable module: imagemagick
- Introduced through: imagemagick@8:7.1.1.43+dfsg1-1, imagemagick/imagemagick-7-common@8:7.1.1.43+dfsg1-1 and others
Detailed paths
-
Introduced through: python@latest › imagemagick@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/imagemagick-7-common@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/imagemagick-7.q16@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7-arch-config@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7-headers@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-10@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-10-extra@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7-headers@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7.q16-10@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7.q16-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-dev@8:7.1.1.43+dfsg1-1
NVD Description
Note: Versions mentioned in the description apply only to the upstream imagemagick
package and not the imagemagick
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0 and 6.9.13-26, in ImageMagick's magick stream
command, specifying multiple consecutive %d
format specifiers in a filename template causes a memory leak. Versions 7.1.2-0 and 6.9.13-26 fix the issue.
Remediation
There is no fixed version for Debian:13
imagemagick
.
References
low severity
new
- Vulnerable module: imagemagick
- Introduced through: imagemagick@8:7.1.1.43+dfsg1-1, imagemagick/imagemagick-7-common@8:7.1.1.43+dfsg1-1 and others
Detailed paths
-
Introduced through: python@latest › imagemagick@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/imagemagick-7-common@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/imagemagick-7.q16@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7-arch-config@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7-headers@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-10@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-10-extra@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-7.q16-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickcore-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7-headers@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7.q16-10@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-7.q16-dev@8:7.1.1.43+dfsg1-1
-
Introduced through: python@latest › imagemagick/libmagickwand-dev@8:7.1.1.43+dfsg1-1
NVD Description
Note: Versions mentioned in the description apply only to the upstream imagemagick
package and not the imagemagick
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to ImageMagick versions 6.9.13-28 and 7.1.2-2, a format string bug vulnerability exists in InterpretImageFilename function where user input is directly passed to FormatLocaleString without proper sanitization. An attacker can overwrite arbitrary memory regions, enabling a wide range of attacks from heap overflow to remote code execution. This issue has been patched in versions 6.9.13-28 and 7.1.2-2.
Remediation
There is no fixed version for Debian:13
imagemagick
.
References
low severity
- Vulnerable module: krb5/krb5-multidev
- Introduced through: krb5/krb5-multidev@1.21.3-5, krb5/libgssapi-krb5-2@1.21.3-5 and others
Detailed paths
-
Introduced through: python@latest › krb5/krb5-multidev@1.21.3-5
-
Introduced through: python@latest › krb5/libgssapi-krb5-2@1.21.3-5
-
Introduced through: python@latest › krb5/libgssrpc4t64@1.21.3-5
-
Introduced through: python@latest › krb5/libk5crypto3@1.21.3-5
-
Introduced through: python@latest › krb5/libkadm5clnt-mit12@1.21.3-5
-
Introduced through: python@latest › krb5/libkadm5srv-mit12@1.21.3-5
-
Introduced through: python@latest › krb5/libkdb5-10t64@1.21.3-5
-
Introduced through: python@latest › krb5/libkrb5-3@1.21.3-5
-
Introduced through: python@latest › krb5/libkrb5-dev@1.21.3-5
-
Introduced through: python@latest › krb5/libkrb5support0@1.21.3-5
NVD Description
Note: Versions mentioned in the description apply only to the upstream krb5
package and not the krb5
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c.
Remediation
There is no fixed version for Debian:13
krb5
.
References
low severity
- Vulnerable module: krb5/krb5-multidev
- Introduced through: krb5/krb5-multidev@1.21.3-5, krb5/libgssapi-krb5-2@1.21.3-5 and others
Detailed paths
-
Introduced through: python@latest › krb5/krb5-multidev@1.21.3-5
-
Introduced through: python@latest › krb5/libgssapi-krb5-2@1.21.3-5
-
Introduced through: python@latest › krb5/libgssrpc4t64@1.21.3-5
-
Introduced through: python@latest › krb5/libk5crypto3@1.21.3-5
-
Introduced through: python@latest › krb5/libkadm5clnt-mit12@1.21.3-5
-
Introduced through: python@latest › krb5/libkadm5srv-mit12@1.21.3-5
-
Introduced through: python@latest › krb5/libkdb5-10t64@1.21.3-5
-
Introduced through: python@latest › krb5/libkrb5-3@1.21.3-5
-
Introduced through: python@latest › krb5/libkrb5-dev@1.21.3-5
-
Introduced through: python@latest › krb5/libkrb5support0@1.21.3-5
NVD Description
Note: Versions mentioned in the description apply only to the upstream krb5
package and not the krb5
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmap_rmt.c.
Remediation
There is no fixed version for Debian:13
krb5
.
References
low severity
- Vulnerable module: lcms2/liblcms2-2
- Introduced through: lcms2/liblcms2-2@2.16-2 and lcms2/liblcms2-dev@2.16-2
Detailed paths
-
Introduced through: python@latest › lcms2/liblcms2-2@2.16-2
-
Introduced through: python@latest › lcms2/liblcms2-dev@2.16-2
NVD Description
Note: Versions mentioned in the description apply only to the upstream lcms2
package and not the lcms2
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
A heap buffer overflow vulnerability has been identified in thesmooth2() in cmsgamma.c in lcms2-2.16 which allows a remote attacker to cause a denial of service. NOTE: the Supplier disputes this because "this is not exploitable as this function is never called on normal color management, is there only as a helper for low-level programming and investigation."
Remediation
There is no fixed version for Debian:13
lcms2
.
References
low severity
- Vulnerable module: libde265/libde265-0
- Introduced through: libde265/libde265-0@1.0.15-1+b3
Detailed paths
-
Introduced through: python@latest › libde265/libde265-0@1.0.15-1+b3
NVD Description
Note: Versions mentioned in the description apply only to the upstream libde265
package and not the libde265
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
Heap Buffer Overflow vulnerability in Libde265 v1.0.15 allows attackers to crash the application via crafted payload to display444as420 function at sdl.cc
Remediation
There is no fixed version for Debian:13
libde265
.
References
low severity
- Vulnerable module: libde265/libde265-0
- Introduced through: libde265/libde265-0@1.0.15-1+b3
Detailed paths
-
Introduced through: python@latest › libde265/libde265-0@1.0.15-1+b3
NVD Description
Note: Versions mentioned in the description apply only to the upstream libde265
package and not the libde265
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
Heap Buffer Overflow vulnerability in Libde265 v1.0.15 allows attackers to crash the application via crafted payload to __interceptor_memcpy function.
Remediation
There is no fixed version for Debian:13
libde265
.
References
low severity
- Vulnerable module: libgcrypt20
- Introduced through: libgcrypt20@1.11.0-7
Detailed paths
-
Introduced through: python@latest › libgcrypt20@1.11.0-7
NVD Description
Note: Versions mentioned in the description apply only to the upstream libgcrypt20
package and not the libgcrypt20
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.
Remediation
There is no fixed version for Debian:13
libgcrypt20
.
References
- https://security-tracker.debian.org/tracker/CVE-2024-2236
- https://access.redhat.com/errata/RHSA-2024:9404
- https://bugzilla.redhat.com/show_bug.cgi?id=2268268
- https://access.redhat.com/errata/RHSA-2025:3534
- https://access.redhat.com/errata/RHSA-2025:3530
- https://access.redhat.com/security/cve/CVE-2024-2236
- https://bugzilla.redhat.com/show_bug.cgi?id=2245218
low severity
- Vulnerable module: openjpeg2/libopenjp2-7
- Introduced through: openjpeg2/libopenjp2-7@2.5.3-2 and openjpeg2/libopenjp2-7-dev@2.5.3-2
Detailed paths
-
Introduced through: python@latest › openjpeg2/libopenjp2-7@2.5.3-2
-
Introduced through: python@latest › openjpeg2/libopenjp2-7-dev@2.5.3-2
NVD Description
Note: Versions mentioned in the description apply only to the upstream openjpeg2
package and not the openjpeg2
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
A vulnerability was found in OpenJPEG similar to CVE-2019-6988. This flaw allows an attacker to bypass existing protections and cause an application crash through a maliciously crafted file.
Remediation
There is no fixed version for Debian:13
openjpeg2
.
References
low severity
- Vulnerable module: openjpeg2/libopenjp2-7
- Introduced through: openjpeg2/libopenjp2-7@2.5.3-2 and openjpeg2/libopenjp2-7-dev@2.5.3-2
Detailed paths
-
Introduced through: python@latest › openjpeg2/libopenjp2-7@2.5.3-2
-
Introduced through: python@latest › openjpeg2/libopenjp2-7-dev@2.5.3-2
NVD Description
Note: Versions mentioned in the description apply only to the upstream openjpeg2
package and not the openjpeg2
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
A flaw was found in OpenJPEG. A resource exhaustion can occur in the opj_t1_decode_cblks function in tcd.c through a crafted image file, causing a denial of service.
Remediation
There is no fixed version for Debian:13
openjpeg2
.
References
low severity
- Vulnerable module: openjpeg2/libopenjp2-7
- Introduced through: openjpeg2/libopenjp2-7@2.5.3-2 and openjpeg2/libopenjp2-7-dev@2.5.3-2
Detailed paths
-
Introduced through: python@latest › openjpeg2/libopenjp2-7@2.5.3-2
-
Introduced through: python@latest › openjpeg2/libopenjp2-7-dev@2.5.3-2
NVD Description
Note: Versions mentioned in the description apply only to the upstream openjpeg2
package and not the openjpeg2
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
A flaw was found in OpenJPEG. Maliciously constructed pictures can cause the program to enter a large loop and continuously print warning messages on the terminal.
Remediation
There is no fixed version for Debian:13
openjpeg2
.
References
low severity
new
- Vulnerable module: openjpeg2/libopenjp2-7
- Introduced through: openjpeg2/libopenjp2-7@2.5.3-2 and openjpeg2/libopenjp2-7-dev@2.5.3-2
Detailed paths
-
Introduced through: python@latest › openjpeg2/libopenjp2-7@2.5.3-2
-
Introduced through: python@latest › openjpeg2/libopenjp2-7-dev@2.5.3-2
NVD Description
Note: Versions mentioned in the description apply only to the upstream openjpeg2
package and not the openjpeg2
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG 2.5.3 and earlier, a call to opj_jp2_read_header may lead to OOB heap memory write when the data stream p_stream is too short and p_image is not initialized.
Remediation
There is no fixed version for Debian:13
openjpeg2
.
References
low severity
new
- Vulnerable module: pcre2/libpcre2-16-0
- Introduced through: pcre2/libpcre2-16-0@10.45-1, pcre2/libpcre2-32-0@10.45-1 and others
Detailed paths
-
Introduced through: python@latest › pcre2/libpcre2-16-0@10.45-1
-
Introduced through: python@latest › pcre2/libpcre2-32-0@10.45-1
-
Introduced through: python@latest › pcre2/libpcre2-8-0@10.45-1
-
Introduced through: python@latest › pcre2/libpcre2-dev@10.45-1
-
Introduced through: python@latest › pcre2/libpcre2-posix3@10.45-1
NVD Description
Note: Versions mentioned in the description apply only to the upstream pcre2
package and not the pcre2
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
The PCRE2 library is a set of C functions that implement regular expression pattern matching. In version 10.45, a heap-buffer-overflow read vulnerability exists in the PCRE2 regular expression matching engine, specifically within the handling of the (*scs:...) (Scan SubString) verb when combined with (*ACCEPT) in src/pcre2_match.c. This vulnerability may potentially lead to information disclosure if the out-of-bounds data read during the memcmp affects the final match result in a way observable by the attacker. This issue has been resolved in version 10.46.
Remediation
There is no fixed version for Debian:13
pcre2
.
References
low severity
new
- Vulnerable module: postgresql-17/libpq-dev
- Introduced through: postgresql-17/libpq-dev@17.5-1 and postgresql-17/libpq5@17.5-1
Detailed paths
-
Introduced through: python@latest › postgresql-17/libpq-dev@17.5-1
-
Introduced through: python@latest › postgresql-17/libpq5@17.5-1
NVD Description
Note: Versions mentioned in the description apply only to the upstream postgresql-17
package and not the postgresql-17
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy intended to hide. PostgreSQL maintains statistics for tables by sampling data available in columns; this data is consulted during the query planning process. Prior to this release, a user could craft a leaky operator that bypassed view access control lists (ACLs) and bypassed row security policies in partitioning or table inheritance hierarchies. Reachable statistics data notably included histograms and most-common-values lists. CVE-2017-7484 and CVE-2019-10130 intended to close this class of vulnerability, but this gap remained. Versions before PostgreSQL 17.6, 16.10, 15.14, 14.19, and 13.22 are affected.
Remediation
There is no fixed version for Debian:13
postgresql-17
.
References
low severity
new
- Vulnerable module: postgresql-17/libpq-dev
- Introduced through: postgresql-17/libpq-dev@17.5-1 and postgresql-17/libpq5@17.5-1
Detailed paths
-
Introduced through: python@latest › postgresql-17/libpq-dev@17.5-1
-
Introduced through: python@latest › postgresql-17/libpq5@17.5-1
NVD Description
Note: Versions mentioned in the description apply only to the upstream postgresql-17
package and not the postgresql-17
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
Untrusted data inclusion in pg_dump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands. pg_dumpall is also affected. pg_restore is affected when used to generate a plain-format dump. This is similar to MySQL CVE-2024-21096. Versions before PostgreSQL 17.6, 16.10, 15.14, 14.19, and 13.22 are affected.
Remediation
There is no fixed version for Debian:13
postgresql-17
.
References
low severity
new
- Vulnerable module: postgresql-17/libpq-dev
- Introduced through: postgresql-17/libpq-dev@17.5-1 and postgresql-17/libpq5@17.5-1
Detailed paths
-
Introduced through: python@latest › postgresql-17/libpq-dev@17.5-1
-
Introduced through: python@latest › postgresql-17/libpq5@17.5-1
NVD Description
Note: Versions mentioned in the description apply only to the upstream postgresql-17
package and not the postgresql-17
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
Improper neutralization of newlines in pg_dump in PostgreSQL allows a user of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands inside a purpose-crafted object name. The same attacks can achieve SQL injection as a superuser of the restore target server. pg_dumpall, pg_restore, and pg_upgrade are also affected. Versions before PostgreSQL 17.6, 16.10, 15.14, 14.19, and 13.22 are affected. Versions before 11.20 are unaffected. CVE-2012-0868 had fixed this class of problem, but version 11.20 reintroduced it.
Remediation
There is no fixed version for Debian:13
postgresql-17
.
References
low severity
- Vulnerable module: python3.13
- Introduced through: python3.13@3.13.5-2, python3.13/libpython3.13-minimal@3.13.5-2 and others
Detailed paths
-
Introduced through: python@latest › python3.13@3.13.5-2
-
Introduced through: python@latest › python3.13/libpython3.13-minimal@3.13.5-2
-
Introduced through: python@latest › python3.13/libpython3.13-stdlib@3.13.5-2
-
Introduced through: python@latest › python3.13/python3.13-minimal@3.13.5-2
NVD Description
Note: Versions mentioned in the description apply only to the upstream python3.13
package and not the python3.13
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
The html.parser.HTMLParser class had worse-case quadratic complexity when processing certain crafted malformed inputs potentially leading to amplified denial-of-service.
Remediation
There is no fixed version for Debian:13
python3.13
.
References
- https://security-tracker.debian.org/tracker/CVE-2025-6069
- https://github.com/python/cpython/commit/4455cbabf991e202185a25a631af206f60bbc949
- https://github.com/python/cpython/commit/6eb6c5dbfb528bd07d77b60fd71fd05d81d45c41
- https://github.com/python/cpython/commit/d851f8e258c7328814943e923a7df81bca15df4b
- https://github.com/python/cpython/issues/135462
- https://github.com/python/cpython/pull/135464
- https://mail.python.org/archives/list/security-announce@python.org/thread/K5PIYLR6EP3WR7ZOKKYQUWEDNQVUXOYM/
- https://github.com/python/cpython/commit/8d1b3dfa09135affbbf27fb8babcf3c11415df49
- https://github.com/python/cpython/commit/ab0893fd5c579d9cea30841680e6d35fc478afb5
- https://github.com/python/cpython/commit/f3c6f882cddc8dc30320d2e73edf019e201394fc
- https://github.com/python/cpython/commit/fdc9d214c01cb4588f540cfa03726bbf2a33fc15
low severity
- Vulnerable module: python3.13
- Introduced through: python3.13@3.13.5-2, python3.13/libpython3.13-minimal@3.13.5-2 and others
Detailed paths
-
Introduced through: python@latest › python3.13@3.13.5-2
-
Introduced through: python@latest › python3.13/libpython3.13-minimal@3.13.5-2
-
Introduced through: python@latest › python3.13/libpython3.13-stdlib@3.13.5-2
-
Introduced through: python@latest › python3.13/python3.13-minimal@3.13.5-2
NVD Description
Note: Versions mentioned in the description apply only to the upstream python3.13
package and not the python3.13
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
There is a defect in the CPython “tarfile” module affecting the “TarFile” extraction and entry enumeration APIs. The tar implementation would process tar archives with negative offsets without error, resulting in an infinite loop and deadlock during the parsing of maliciously crafted tar archives.
This vulnerability can be mitigated by including the following patch after importing the “tarfile” module: https://gist.github.com/sethmlarson/1716ac5b82b73dbcbf23ad2eff8b33e1
Remediation
There is no fixed version for Debian:13
python3.13
.
References
- https://security-tracker.debian.org/tracker/CVE-2025-8194
- https://github.com/python/cpython/issues/130577
- https://github.com/python/cpython/pull/137027
- https://mail.python.org/archives/list/security-announce@python.org/thread/ZULLF3IZ726XP5EY7XJ7YIN3K5MDYR2D/
- https://github.com/python/cpython/commit/7040aa54f14676938970e10c5f74ea93cd56aa38
- https://github.com/python/cpython/commit/cdae923ffe187d6ef916c0f665a31249619193fe
- https://gist.github.com/sethmlarson/1716ac5b82b73dbcbf23ad2eff8b33e1
- https://github.com/python/cpython/commit/c9d9f78feb1467e73fd29356c040bde1c104f29f
- https://github.com/python/cpython/commit/fbc2a0ca9ac8aff6887f8ddf79b87b4510277227
low severity
- Vulnerable module: shadow/login.defs
- Introduced through: shadow/login.defs@1:4.17.4-2 and shadow/passwd@1:4.17.4-2
Detailed paths
-
Introduced through: python@latest › shadow/login.defs@1:4.17.4-2
-
Introduced through: python@latest › shadow/passwd@1:4.17.4-2
NVD Description
Note: Versions mentioned in the description apply only to the upstream shadow
package and not the shadow
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
shadow-utils (aka shadow) 4.4 through 4.17.0 establishes a default /etc/subuid behavior (e.g., uid 100000 through 165535 for the first user account) that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by leveraging newuidmap for access to an NFS home directory (or same-host resources in the case of remote logins by these local network users). NOTE: it may also be argued that system administrators should not have assigned uids, within local networks, that are within the range that can occur in /etc/subuid.
Remediation
There is no fixed version for Debian:13
shadow
.