Debian 11

Debian 11 — jackson-dataformat-cbor — vulnerability — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — jackson-dataformat-cbor — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2020-28491 Upstream summary: This affects the package com.fasterxml.jackson.dataformat:jackson-dataformat-cbor from 0 and before 2.11.4, from 2.12.0-rc1 and before 2.12.1. Unchecked allocation of byte buffer can cause a java.lang.OutOfMemoryError exception. […]

Read more
Debian 11 — pango1.0 — multiple vulnerabilities (7 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — pango1.0 — multiple vulnerabilities (7 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2009-1194 CVE-2010-0421 CVE-2011-0020 CVE-2011-0064 CVE-2011-3193 CVE-2018-15120 CVE-2019-1010238 Upstream summary: Integer overflow in the pango_glyph_string_set_size function in pango/glyphstring.c in Pango before 1.24 allows context-dependent attackers to cause a denial […]

Read more
Debian 11 — fex — multiple vulnerabilities (7 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — fex — multiple vulnerabilities (7 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2011-1409 CVE-2012-0869 CVE-2012-1293 CVE-2014-3875 CVE-2014-3876 CVE-2014-3877 CVE-2020-15591 Upstream summary: Frams's Fast File EXchange (F*EX, aka fex) 20100208, and possibly other versions before 20110610, allows remote attackers to bypass […]

Read more
Debian 11 — spice-gtk — multiple vulnerabilities (7 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — spice-gtk — multiple vulnerabilities (7 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2012-4425 CVE-2013-4324 CVE-2016-3066 CVE-2017-12194 CVE-2018-10873 CVE-2018-10893 CVE-2020-14355 Upstream summary: libgio, when used in setuid or other privileged programs in spice-gtk and possibly other products, allows local users to […]

Read more
Debian 11 — lcms2 — multiple vulnerabilities (7 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — lcms2 — multiple vulnerabilities (7 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2013-4160 CVE-2013-7455 CVE-2014-0459 CVE-2016-10165 CVE-2018-16435 CVE-2025-29070 CVE-2026-41254 Upstream summary: Little CMS (lcms2) before 2.5, as used in OpenJDK 7 and possibly other products, allows remote attackers to cause […]

Read more
Debian 11 — vorbis-tools — multiple vulnerabilities (7 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — vorbis-tools — multiple vulnerabilities (7 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2014-9638 CVE-2014-9639 CVE-2014-9640 CVE-2015-6749 CVE-2017-11331 CVE-2023-43361 CVE-2026-34253 Upstream summary: oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a […]

Read more
Debian 11 — pcs — multiple vulnerabilities (7 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — pcs — multiple vulnerabilities (7 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2016-0720 CVE-2016-0721 CVE-2017-2661 CVE-2018-1079 CVE-2018-1086 CVE-2022-1049 CVE-2022-2735 Upstream summary: Cross-site request forgery (CSRF) vulnerability in pcsd web UI in pcs before 0.9.149. Table of contents Symptom & Impact […]

Read more
Debian 11 — libpdfbox-java — multiple vulnerabilities (7 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — libpdfbox-java — multiple vulnerabilities (7 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2016-2175 CVE-2018-11797 CVE-2018-8036 CVE-2021-31811 CVE-2021-31812 CVE-2026-23907 CVE-2026-33929 Upstream summary: Apache PDFBox before 1.8.12 and 2.x before 2.0.1 does not properly initialize the XML parsers, which allows context-dependent attackers […]

Read more
Debian 11 — node-pathval — vulnerability — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — node-pathval — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2020-7751 Upstream summary: pathval before version 1.1.1 is vulnerable to prototype pollution. Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis Quick Triage Step-by-Step Diagnosis […]

Read more
Debian 11 — qtsvg-opensource-src — multiple vulnerabilities (7 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — qtsvg-opensource-src — multiple vulnerabilities (7 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2018-19869 CVE-2021-28025 CVE-2021-3481 CVE-2021-45930 CVE-2023-32573 CVE-2025-10729 CVE-2026-6210 Upstream summary: An issue was discovered in Qt before 5.11.3. A malformed SVG image causes a segmentation fault in qsvghandler.cpp. Table […]

Read more
CHAT