Debian 11

Debian 11 — lucene-solr — multiple vulnerabilities (17 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — lucene-solr — multiple vulnerabilities (17 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2012-6612 CVE-2013-6397 CVE-2013-6407 CVE-2013-6408 CVE-2017-12629 CVE-2017-3163 CVE-2017-3164 CVE-2018-1308  +9 more Upstream summary: The (1) UpdateRequestHandler for XSLT or (2) XPathEntityProcessor in Apache Solr before 4.1 allows remote attackers […]

Read more
Debian 11 — flask — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — flask — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2018-1000656 CVE-2019-1010083 CVE-2023-30861 CVE-2026-27205 Upstream summary: The Pallets Project flask version Before 0.12.3 contains a CWE-20: Improper Input Validation vulnerability in flask that can result in Large amount […]

Read more
Debian 11 — google-oauth-client-java — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — google-oauth-client-java — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2020-7692 CVE-2021-22573 Upstream summary: PKCE support is not implemented in accordance with the RFC for OAuth 2.0 for Native Apps. Without the use of PKCE, the authorization code […]

Read more
Debian 11 — guacamole-server — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — guacamole-server — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2020-9497 CVE-2020-9498 Upstream summary: Apache Guacamole 1.1.0 and older do not properly validate datareceived from RDP servers via static virtual channels. If a userconnects to a malicious or […]

Read more
Debian 11 — karchive — vulnerability — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — karchive — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2016-6232 Upstream summary: Directory traversal vulnerability in KArchive before 5.24, as used in KDE Frameworks, allows remote attackers to write to arbitrary files via a ../ (dot dot […]

Read more
Debian 11 — fusiondirectory — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — fusiondirectory — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2019-11187 CVE-2022-36179 CVE-2022-36180 CVE-2025-32807 Upstream summary: Incorrect Access Control in the LDAP class of GONICUS GOsa through 2019-04-11 allows an attacker to log into any account with a […]

Read more
Debian 11 — runc — multiple vulnerabilities (16 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — runc — multiple vulnerabilities (16 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2016-3697 CVE-2016-9962 CVE-2019-16884 CVE-2019-19921 CVE-2019-5736 CVE-2021-30465 CVE-2021-43784 CVE-2022-29162  +8 more Upstream summary: libcontainer/user/user.go in runC before 0.1.0, as used in Docker before 1.11.2, improperly treats a numeric UID […]

Read more
Debian 11 — r-cran-readxl — multiple vulnerabilities (16 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — r-cran-readxl — multiple vulnerabilities (16 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2017-12108 CVE-2017-12109 CVE-2017-12110 CVE-2017-12111 CVE-2017-2896 CVE-2017-2897 CVE-2017-2919 CVE-2018-20450  +8 more Upstream summary: An exploitable integer overflow vulnerability exists in the xls_preparseWorkSheet function of libxls 1.4 when handling a […]

Read more
Debian 11 — libcatalyst-authentication-credential-http-perl — vulnerability — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — libcatalyst-authentication-credential-http-perl — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2025-40920 Upstream summary: Catalyst::Authentication::Credential::HTTP versions 1.018 and earlier for Perl generate nonces using the Perl Data::UUID library. * Data::UUID does not use a strong cryptographic source for generating […]

Read more
CHAT