Debian 11

Debian 11 — catfish — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — catfish — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2014-2093 CVE-2014-2094 CVE-2014-2095 CVE-2014-2096 Upstream summary: Untrusted search path vulnerability in Catfish through 0.4.0.3 allows local users to gain privileges via a Trojan horse catfish.py in the current […]

Read more
Debian 11 — gettext.js — vulnerability — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — gettext.js — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2024-43370 Upstream summary: gettext.js is a GNU gettext port for node and the browser. There is a cross-site scripting (XSS) injection if `.po` dictionary definition files are corrupted. […]

Read more
Debian 11 — python-markdown2 — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — python-markdown2 — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2020-11888 CVE-2021-26813 Upstream summary: python-markdown2 through 2.3.8 allows XSS because element names are mishandled unless a \w+ match succeeds. For example, an attack might use elementname@ or elementname- […]

Read more
Debian 11 — borgbackup — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — borgbackup — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2016-10099 CVE-2016-10100 CVE-2017-15914 CVE-2023-36811 Upstream summary: Borg (aka BorgBackup) before 1.0.9 has a flaw in the cryptographic protocol used to authenticate the manifest (list of archives), potentially allowing […]

Read more
Debian 11 — gst-plugins-bad1.0 — multiple vulnerabilities (18 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — gst-plugins-bad1.0 — multiple vulnerabilities (18 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2016-9445 CVE-2016-9446 CVE-2016-9809 CVE-2016-9812 CVE-2016-9813 CVE-2017-5843 CVE-2017-5848 CVE-2021-3185  +10 more Upstream summary: Integer overflow in the vmnc decoder in the gstreamer allows remote attackers to cause a denial […]

Read more
Debian 11 — doxygen — vulnerability — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — doxygen — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2016-10245 Upstream summary: Insufficient sanitization of the query parameter in templates/html/search_opensearch.php could lead to reflected cross-site scripting or iframe injection. Table of contents Symptom & Impact Environment & […]

Read more
Debian 11 — rust-shlex — vulnerability — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — rust-shlex — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2024-58266 Upstream summary: The shlex crate before 1.2.1 for Rust allows unquoted and unescaped instances of the { and \xa0 characters, which may facilitate command injection. Table of […]

Read more
Debian 11 — gsl — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — gsl — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2020-35357 CVE-2024-50610 Upstream summary: A buffer overflow can occur when calculating the quantile value using the Statistics Library of GSL (GNU Scientific Library), versions 2.5 and 2.6. Processing […]

Read more
Debian 11 — kinit — vulnerability — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — kinit — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2016-3100 Upstream summary: kinit in KDE Frameworks before 5.23.0 uses weak permissions (644) for /tmp/xauth-xxx-_y, which allows local users to obtain X11 cookies of other users and consequently […]

Read more
CHAT