Debian 11

Debian 11 — sysstat — multiple vulnerabilities (8 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — sysstat — multiple vulnerabilities (8 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2004-0107 CVE-2004-0108 CVE-2018-19416 CVE-2018-19517 CVE-2019-16167 CVE-2019-19725 CVE-2022-39377 CVE-2023-33204 Upstream summary: The (1) post and (2) trigger scripts in sysstat 4.0.7 and earlier allow local users to overwrite arbitrary […]

Read more
Debian 11 — mpv — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — mpv — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2018-6360 CVE-2020-19824 CVE-2021-30145 Upstream summary: mpv through 0.28.0 allows remote attackers to execute arbitrary code via a crafted web site, because it reads HTML documents containing VIDEO elements, […]

Read more
Debian 11 — node-jquery — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — node-jquery — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2019-11358 CVE-2020-11022 CVE-2020-11023 Upstream summary: jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, …) because of Object.prototype pollution. If an unsanitized […]

Read more
Debian 11 — netkit-rsh — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — netkit-rsh — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2019-7282 CVE-2019-7283 CVE-2023-38336 Upstream summary: In NetKit through 0.17, rcp.c in the rcp client allows remote rsh servers to bypass intended access restrictions via the filename of . […]

Read more
Debian 11 — node-object-path — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — node-object-path — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2020-15256 CVE-2021-23434 CVE-2021-3805 Upstream summary: A prototype pollution vulnerability has been found in `object-path` <= 0.11.4 affecting the `set()` method. The vulnerability is limited to the `includeInheritedProps` mode […]

Read more
Debian 11 — nanopb — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — nanopb — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2020-26243 CVE-2021-21401 CVE-2024-53984 Upstream summary: Nanopb is a small code-size Protocol Buffers implementation. In Nanopb before versions 0.4.4 and 0.3.9.7, decoding specifically formed message can leak memory if […]

Read more
Debian 11 — p11-kit — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — p11-kit — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2020-29361 CVE-2020-29362 CVE-2020-29363 Upstream summary: An issue was discovered in p11-kit 0.21.1 through 0.23.21. Multiple integer overflows have been discovered in the array allocations in the p11-kit library […]

Read more
Debian 11 — python-rtslib-fb — vulnerability — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — python-rtslib-fb — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2020-14019 Upstream summary: Open-iSCSI rtslib-fb through 2.1.72 has weak permissions for /etc/target/saveconfig.json because shutil.copyfile (instead of shutil.copy) is used, and thus permissions are not preserved. Table of contents […]

Read more
Debian 11 — rbdoom3bfg — vulnerability — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — rbdoom3bfg — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2020-15007 Upstream summary: A buffer overflow in the M_LoadDefaults function in m_misc.c in id Tech 1 (aka Doom engine) allows arbitrary code execution via an unsafe usage of […]

Read more
Debian 11 — junit4 — vulnerability — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — junit4 — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2020-15250 Upstream summary: In JUnit4 from version 4.7 and before 4.13.1, the test rule TemporaryFolder contains a local information disclosure vulnerability. On Unix like systems, the system's temporary […]

Read more
CHAT