Debian 11

Debian 11 — mujs — multiple vulnerabilities (8 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — mujs — multiple vulnerabilities (8 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2020-22885 CVE-2020-22886 CVE-2021-33796 CVE-2021-33797 CVE-2021-45005 CVE-2022-30974 CVE-2022-30975 CVE-2022-44789 Upstream summary: Buffer overflow vulnerability in mujs before 1.0.8 due to recursion in the GC scanning phase, allows remote attackers […]

Read more
Debian 11 — libowasp-esapi-java — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — libowasp-esapi-java — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2022-23457 CVE-2022-24891 CVE-2025-5878 Upstream summary: ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library. Prior to version 2.3.0.0, the default implementation […]

Read more
Debian 11 — gnome-gmail — vulnerability — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — gnome-gmail — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2020-24904 Upstream summary: An issue was discovered in attach parameter in GNOME Gmail version 2.5.4, allows remote attackers to gain sensitive information via crafted "mailto" link. Table of […]

Read more
Debian 11 — qtdeclarative-opensource-src — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — qtdeclarative-opensource-src — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2022-40983 CVE-2022-43591 CVE-2025-12385 Upstream summary: An integer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2. A specially-crafted javascript code can trigger an […]

Read more
Debian 11 — golang-github-dgrijalva-jwt-go — vulnerability — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — golang-github-dgrijalva-jwt-go — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2020-26160 Upstream summary: jwt-go before 4.0.0-preview1 allows attackers to bypass intended access restrictions in situations with []string{} for m["aud"] (which is allowed by the specification). Because the type […]

Read more
Debian 11 — axis — multiple vulnerabilities (7 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — axis — multiple vulnerabilities (7 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2007-2353 CVE-2012-5784 CVE-2014-3596 CVE-2018-8032 CVE-2019-0227 CVE-2023-40743 CVE-2023-51441 Upstream summary: Apache Axis 1.0 allows remote attackers to obtain sensitive information by requesting a non-existent WSDL file, which reveals the […]

Read more
Debian 11 — lasso — multiple vulnerabilities (7 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — lasso — multiple vulnerabilities (7 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2009-0050 CVE-2015-1783 CVE-2021-28091 CVE-2025-46404 CVE-2025-46705 CVE-2025-46784 CVE-2025-47151 Upstream summary: Lasso 2.2.1 and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote […]

Read more
Debian 11 — golang-github-hashicorp-go-slug — vulnerability — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — golang-github-hashicorp-go-slug — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2020-29529 Upstream summary: HashiCorp go-slug up to 0.4.3 did not fully protect against directory traversal while unpacking tar archives, and protections could be bypassed with specific constructions of […]

Read more
Debian 11 — python-autobahn — vulnerability — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — python-autobahn — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2020-35678 Upstream summary: Autobahn|Python before 20.12.3 allows redirect header injection. Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis Quick Triage Step-by-Step Diagnosis Solution – […]

Read more
Debian 11 — rust-crossbeam-channel — vulnerability — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — rust-crossbeam-channel — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2020-35904 Upstream summary: An issue was discovered in the crossbeam-channel crate before 0.4.4 for Rust. It has incorrect expectations about the relationship between the memory allocation and how […]

Read more
CHAT