Vulnerabilities

25 via 56 paths

Dependencies

87

Source

Group 6 Copy Created with Sketch. Docker

Target OS

debian:13
Test your Docker Hub image against our market leading vulnerability database Sign up for free
Severity
  • 25
Status
  • 25
  • 0
  • 0

low severity

Out-of-Bounds

  • Vulnerable module: glibc/libc-bin
  • Introduced through: glibc/libc-bin@2.41-12 and glibc/libc6@2.41-12

Detailed paths

  • Introduced through: python@3-slim glibc/libc-bin@2.41-12
  • Introduced through: python@3-slim glibc/libc6@2.41-12

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat.

Remediation

There is no fixed version for Debian:13 glibc.

References

low severity

CVE-2005-2541

  • Vulnerable module: tar
  • Introduced through: tar@1.35+dfsg-3.1

Detailed paths

  • Introduced through: python@3-slim tar@1.35+dfsg-3.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream tar package and not the tar package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges.

Remediation

There is no fixed version for Debian:13 tar.

References

low severity

CVE-2019-1010023

  • Vulnerable module: glibc/libc-bin
  • Introduced through: glibc/libc-bin@2.41-12 and glibc/libc6@2.41-12

Detailed paths

  • Introduced through: python@3-slim glibc/libc-bin@2.41-12
  • Introduced through: python@3-slim glibc/libc6@2.41-12

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat.

Remediation

There is no fixed version for Debian:13 glibc.

References

low severity

Uncontrolled Recursion

  • Vulnerable module: glibc/libc-bin
  • Introduced through: glibc/libc-bin@2.41-12 and glibc/libc6@2.41-12

Detailed paths

  • Introduced through: python@3-slim glibc/libc-bin@2.41-12
  • Introduced through: python@3-slim glibc/libc6@2.41-12

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\227|)(\1\1|t1|\\2537)+' in grep.

Remediation

There is no fixed version for Debian:13 glibc.

References

low severity

Uncontrolled Recursion

  • Vulnerable module: glibc/libc-bin
  • Introduced through: glibc/libc-bin@2.41-12 and glibc/libc6@2.41-12

Detailed paths

  • Introduced through: python@3-slim glibc/libc-bin@2.41-12
  • Introduced through: python@3-slim glibc/libc6@2.41-12

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\1\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern

Remediation

There is no fixed version for Debian:13 glibc.

References

low severity

Access Restriction Bypass

  • Vulnerable module: shadow/login.defs
  • Introduced through: shadow/login.defs@1:4.17.4-2 and shadow/passwd@1:4.17.4-2

Detailed paths

  • Introduced through: python@3-slim shadow/login.defs@1:4.17.4-2
  • Introduced through: python@3-slim shadow/passwd@1:4.17.4-2

NVD Description

Note: Versions mentioned in the description apply only to the upstream shadow package and not the shadow package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.

Remediation

There is no fixed version for Debian:13 shadow.

References

low severity

Information Exposure

  • Vulnerable module: util-linux
  • Introduced through: util-linux@2.41-5, util-linux/bsdutils@1:2.41-5 and others

Detailed paths

  • Introduced through: python@3-slim util-linux@2.41-5
  • Introduced through: python@3-slim util-linux/bsdutils@1:2.41-5
  • Introduced through: python@3-slim util-linux/libblkid1@2.41-5
  • Introduced through: python@3-slim util-linux/liblastlog2-2@2.41-5
  • Introduced through: python@3-slim util-linux/libmount1@2.41-5
  • Introduced through: python@3-slim util-linux/libsmartcols1@2.41-5
  • Introduced through: python@3-slim util-linux/libuuid1@2.41-5
  • Introduced through: python@3-slim util-linux/login@1:4.16.0-2+really2.41-5
  • Introduced through: python@3-slim util-linux/mount@2.41-5

NVD Description

Note: Versions mentioned in the description apply only to the upstream util-linux package and not the util-linux package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.

Remediation

There is no fixed version for Debian:13 util-linux.

References

low severity

Information Exposure

  • Vulnerable module: glibc/libc-bin
  • Introduced through: glibc/libc-bin@2.41-12 and glibc/libc6@2.41-12

Detailed paths

  • Introduced through: python@3-slim glibc/libc-bin@2.41-12
  • Introduced through: python@3-slim glibc/libc6@2.41-12

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat.

Remediation

There is no fixed version for Debian:13 glibc.

References

low severity

Use of Insufficiently Random Values

  • Vulnerable module: glibc/libc-bin
  • Introduced through: glibc/libc-bin@2.41-12 and glibc/libc6@2.41-12

Detailed paths

  • Introduced through: python@3-slim glibc/libc-bin@2.41-12
  • Introduced through: python@3-slim glibc/libc6@2.41-12

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability.

Remediation

There is no fixed version for Debian:13 glibc.

References

low severity

Improper Validation of Integrity Check Value

  • Vulnerable module: systemd/libsystemd0
  • Introduced through: systemd/libsystemd0@257.8-1~deb13u2 and systemd/libudev1@257.8-1~deb13u2

Detailed paths

  • Introduced through: python@3-slim systemd/libsystemd0@257.8-1~deb13u2
  • Introduced through: python@3-slim systemd/libudev1@257.8-1~deb13u2

NVD Description

Note: Versions mentioned in the description apply only to the upstream systemd package and not the systemd package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."

Remediation

There is no fixed version for Debian:13 systemd.

References

low severity

Improper Validation of Integrity Check Value

  • Vulnerable module: systemd/libsystemd0
  • Introduced through: systemd/libsystemd0@257.8-1~deb13u2 and systemd/libudev1@257.8-1~deb13u2

Detailed paths

  • Introduced through: python@3-slim systemd/libsystemd0@257.8-1~deb13u2
  • Introduced through: python@3-slim systemd/libudev1@257.8-1~deb13u2

NVD Description

Note: Versions mentioned in the description apply only to the upstream systemd package and not the systemd package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

An issue was discovered in systemd 253. An attacker can truncate a sealed log file and then resume log sealing such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."

Remediation

There is no fixed version for Debian:13 systemd.

References

low severity

Improper Validation of Integrity Check Value

  • Vulnerable module: systemd/libsystemd0
  • Introduced through: systemd/libsystemd0@257.8-1~deb13u2 and systemd/libudev1@257.8-1~deb13u2

Detailed paths

  • Introduced through: python@3-slim systemd/libsystemd0@257.8-1~deb13u2
  • Introduced through: python@3-slim systemd/libudev1@257.8-1~deb13u2

NVD Description

Note: Versions mentioned in the description apply only to the upstream systemd package and not the systemd package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

An issue was discovered in systemd 253. An attacker can modify a sealed log file such that, in some views, not all existing and sealed log messages are displayed. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."

Remediation

There is no fixed version for Debian:13 systemd.

References

low severity

Race Condition

  • Vulnerable module: coreutils
  • Introduced through: coreutils@9.7-3

Detailed paths

  • Introduced through: python@3-slim coreutils@9.7-3

NVD Description

Note: Versions mentioned in the description apply only to the upstream coreutils package and not the coreutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.

Remediation

There is no fixed version for Debian:13 coreutils.

References

low severity

Stack-based Buffer Overflow

  • Vulnerable module: coreutils
  • Introduced through: coreutils@9.7-3

Detailed paths

  • Introduced through: python@3-slim coreutils@9.7-3

NVD Description

Note: Versions mentioned in the description apply only to the upstream coreutils package and not the coreutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A flaw was found in GNU Coreutils. The sort utility's begfield() function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash or leak sensitive data.

Remediation

There is no fixed version for Debian:13 coreutils.

References

low severity

Link Following

  • Vulnerable module: systemd/libsystemd0
  • Introduced through: systemd/libsystemd0@257.8-1~deb13u2 and systemd/libudev1@257.8-1~deb13u2

Detailed paths

  • Introduced through: python@3-slim systemd/libsystemd0@257.8-1~deb13u2
  • Introduced through: python@3-slim systemd/libudev1@257.8-1~deb13u2

NVD Description

Note: Versions mentioned in the description apply only to the upstream systemd package and not the systemd package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.

Remediation

There is no fixed version for Debian:13 systemd.

References

low severity

Resource Management Errors

  • Vulnerable module: glibc/libc-bin
  • Introduced through: glibc/libc-bin@2.41-12 and glibc/libc6@2.41-12

Detailed paths

  • Introduced through: python@3-slim glibc/libc-bin@2.41-12
  • Introduced through: python@3-slim glibc/libc6@2.41-12

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.

Remediation

There is no fixed version for Debian:13 glibc.

References

low severity

Memory Leak

  • Vulnerable module: sqlite3/libsqlite3-0
  • Introduced through: sqlite3/libsqlite3-0@3.46.1-7

Detailed paths

  • Introduced through: python@3-slim sqlite3/libsqlite3-0@3.46.1-7

NVD Description

Note: Versions mentioned in the description apply only to the upstream sqlite3 package and not the sqlite3 package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A Memory Leak vulnerability exists in SQLite Project SQLite3 3.35.1 and 3.37.0 via maliciously crafted SQL Queries (made via editing the Database File), it is possible to query a record, and leak subsequent bytes of memory that extend beyond the record, which could let a malicious user obtain sensitive information. NOTE: The developer disputes this as a vulnerability stating that If you give SQLite a corrupted database file and submit a query against the database, it might read parts of the database that you did not intend or expect.

Remediation

There is no fixed version for Debian:13 sqlite3.

References

low severity

Improper Verification of Cryptographic Signature

  • Vulnerable module: apt
  • Introduced through: apt@3.0.3 and apt/libapt-pkg7.0@3.0.3

Detailed paths

  • Introduced through: python@3-slim apt@3.0.3
  • Introduced through: python@3-slim apt/libapt-pkg7.0@3.0.3

NVD Description

Note: Versions mentioned in the description apply only to the upstream apt package and not the apt package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.

Remediation

There is no fixed version for Debian:13 apt.

References

low severity

Out-of-Bounds

  • Vulnerable module: ncurses/libncursesw6
  • Introduced through: ncurses/libncursesw6@6.5+20250216-2, ncurses/libtinfo6@6.5+20250216-2 and others

Detailed paths

  • Introduced through: python@3-slim ncurses/libncursesw6@6.5+20250216-2
  • Introduced through: python@3-slim ncurses/libtinfo6@6.5+20250216-2
  • Introduced through: python@3-slim ncurses/ncurses-base@6.5+20250216-2
  • Introduced through: python@3-slim ncurses/ncurses-bin@6.5+20250216-2

NVD Description

Note: Versions mentioned in the description apply only to the upstream ncurses package and not the ncurses package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A vulnerability has been found in GNU ncurses up to 6.5-20250322 and classified as problematic. This vulnerability affects the function postprocess_termcap of the file tinfo/parse_entry.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. Upgrading to version 6.5-20250329 is able to address this issue. It is recommended to upgrade the affected component.

Remediation

There is no fixed version for Debian:13 ncurses.

References

low severity

Link Following

  • Vulnerable module: perl/perl-base
  • Introduced through: perl/perl-base@5.40.1-6

Detailed paths

  • Introduced through: python@3-slim perl/perl-base@5.40.1-6

NVD Description

Note: Versions mentioned in the description apply only to the upstream perl package and not the perl package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

_is_safe in the File::Temp module for Perl does not properly handle symlinks.

Remediation

There is no fixed version for Debian:13 perl.

References

low severity
new

CVE-2025-9230

  • Vulnerable module: openssl
  • Introduced through: openssl@3.5.1-1, openssl/libssl3t64@3.5.1-1 and others

Detailed paths

  • Introduced through: python@3-slim openssl@3.5.1-1
  • Introduced through: python@3-slim openssl/libssl3t64@3.5.1-1
  • Introduced through: python@3-slim openssl/openssl-provider-legacy@3.5.1-1

NVD Description

Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write.

Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds write can cause a memory corruption which can have various consequences including a Denial of Service or Execution of attacker-supplied code.

Although the consequences of a successful exploit of this vulnerability could be severe, the probability that the attacker would be able to perform it is low. Besides, password based (PWRI) encryption support in CMS messages is very rarely used. For that reason the issue was assessed as Moderate severity according to our Security Policy.

The FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this issue, as the CMS implementation is outside the OpenSSL FIPS module boundary.

Remediation

There is no fixed version for Debian:13 openssl.

References

low severity
new

CVE-2025-9231

  • Vulnerable module: openssl
  • Introduced through: openssl@3.5.1-1, openssl/libssl3t64@3.5.1-1 and others

Detailed paths

  • Introduced through: python@3-slim openssl@3.5.1-1
  • Introduced through: python@3-slim openssl/libssl3t64@3.5.1-1
  • Introduced through: python@3-slim openssl/openssl-provider-legacy@3.5.1-1

NVD Description

Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

Issue summary: A timing side-channel which could potentially allow remote recovery of the private key exists in the SM2 algorithm implementation on 64 bit ARM platforms.

Impact summary: A timing side-channel in SM2 signature computations on 64 bit ARM platforms could allow recovering the private key by an attacker..

While remote key recovery over a network was not attempted by the reporter, timing measurements revealed a timing signal which may allow such an attack.

OpenSSL does not directly support certificates with SM2 keys in TLS, and so this CVE is not relevant in most TLS contexts. However, given that it is possible to add support for such certificates via a custom provider, coupled with the fact that in such a custom provider context the private key may be recoverable via remote timing measurements, we consider this to be a Moderate severity issue.

The FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this issue, as SM2 is not an approved algorithm.

Remediation

There is no fixed version for Debian:13 openssl.

References

low severity
new

CVE-2025-9232

  • Vulnerable module: openssl
  • Introduced through: openssl@3.5.1-1, openssl/libssl3t64@3.5.1-1 and others

Detailed paths

  • Introduced through: python@3-slim openssl@3.5.1-1
  • Introduced through: python@3-slim openssl/libssl3t64@3.5.1-1
  • Introduced through: python@3-slim openssl/openssl-provider-legacy@3.5.1-1

NVD Description

Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

Issue summary: An application using the OpenSSL HTTP client API functions may trigger an out-of-bounds read if the 'no_proxy' environment variable is set and the host portion of the authority component of the HTTP URL is an IPv6 address.

Impact summary: An out-of-bounds read can trigger a crash which leads to Denial of Service for an application.

The OpenSSL HTTP client API functions can be used directly by applications but they are also used by the OCSP client functions and CMP (Certificate Management Protocol) client implementation in OpenSSL. However the URLs used by these implementations are unlikely to be controlled by an attacker.

In this vulnerable code the out of bounds read can only trigger a crash. Furthermore the vulnerability requires an attacker-controlled URL to be passed from an application to the OpenSSL function and the user has to have a 'no_proxy' environment variable set. For the aforementioned reasons the issue was assessed as Low severity.

The vulnerable code was introduced in the following patch releases: 3.0.16, 3.1.8, 3.2.4, 3.3.3, 3.4.0 and 3.5.0.

The FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this issue, as the HTTP client implementation is outside the OpenSSL FIPS module boundary.

Remediation

There is no fixed version for Debian:13 openssl.

References

low severity

CVE-2024-56433

  • Vulnerable module: shadow/login.defs
  • Introduced through: shadow/login.defs@1:4.17.4-2 and shadow/passwd@1:4.17.4-2

Detailed paths

  • Introduced through: python@3-slim shadow/login.defs@1:4.17.4-2
  • Introduced through: python@3-slim shadow/passwd@1:4.17.4-2

NVD Description

Note: Versions mentioned in the description apply only to the upstream shadow package and not the shadow package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

shadow-utils (aka shadow) 4.4 through 4.17.0 establishes a default /etc/subuid behavior (e.g., uid 100000 through 165535 for the first user account) that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by leveraging newuidmap for access to an NFS home directory (or same-host resources in the case of remote logins by these local network users). NOTE: it may also be argued that system administrators should not have assigned uids, within local networks, that are within the range that can occur in /etc/subuid.

Remediation

There is no fixed version for Debian:13 shadow.

References

low severity
new

CVE-2025-7709

  • Vulnerable module: sqlite3/libsqlite3-0
  • Introduced through: sqlite3/libsqlite3-0@3.46.1-7

Detailed paths

  • Introduced through: python@3-slim sqlite3/libsqlite3-0@3.46.1-7

NVD Description

Note: Versions mentioned in the description apply only to the upstream sqlite3 package and not the sqlite3 package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

An integer overflow exists in the FTS5 https://sqlite.org/fts5.html  extension. It occurs when the size of an array of tombstone pointers is calculated and truncated into a 32-bit integer. A pointer to partially controlled data can then be written out of bounds.

Remediation

There is no fixed version for Debian:13 sqlite3.

References