Debian 12 Bookworm

Debian 12 — libglvnd — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — libglvnd — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2023-45924 Upstream summary: libglxproto.c in OpenGL libglvnd bb06db5a was discovered to contain a segmentation violation via the function glXGetDrawableScreen(). NOTE: this is disputed because there are no common […]

Read more
Debian 12 — cryptojs — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — cryptojs — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2023-46233 Upstream summary: crypto-js is a JavaScript library of crypto standards. Prior to version 4.2.0, crypto-js PBKDF2 is 1,000 times weaker than originally specified in 1993, and at […]

Read more
Debian 12 — jq — multiple vulnerabilities (18 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — jq — multiple vulnerabilities (18 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2015-8863 CVE-2016-4074 CVE-2024-23337 CVE-2025-48060 CVE-2025-9403 CVE-2026-32316 CVE-2026-33947 CVE-2026-33948  +10 more Upstream summary: Off-by-one error in the tokenadd function in jv_parse.c in jq allows remote attackers to cause a […]

Read more
Debian 12 — encfs — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — encfs — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2010-3073 CVE-2010-3074 CVE-2010-3075 CVE-2014-3462 Upstream summary: SSL_Cipher.cpp in EncFS before 1.7.0 does not properly handle integer data sizes when constructing headers intended for randomization of initialization vectors, which […]

Read more
Debian 12 — thunar — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — thunar — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2018-18398 CVE-2021-32563 Upstream summary: Xfce Thunar 1.6.15, when Xfce 4.12 is used, mishandles the IBus-Unikey input method for file searches within File Manager, leading to an out-of-bounds read […]

Read more
Debian 12 — realmd — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — realmd — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2015-2704 Upstream summary: realmd allows remote attackers to inject arbitrary configurations in to sssd.conf and smb.conf via a newline character in an LDAP response. Table of contents Symptom […]

Read more
Debian 12 — libclamunrar — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — libclamunrar — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2012-6706 CVE-2019-1785 CVE-2019-1798 CVE-2023-40477 Upstream summary: A VMSF_DELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other […]

Read more
Debian 12 — node-set-value — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — node-set-value — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2019-10747 CVE-2021-23440 Upstream summary: set-value is vulnerable to Prototype Pollution in versions lower than 3.0.1. The function mixin-deep could be tricked into adding or modifying properties of Object.prototype […]

Read more
Debian 12 — sane-backends — multiple vulnerabilities (16 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — sane-backends — multiple vulnerabilities (16 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2003-0773 CVE-2003-0774 CVE-2003-0775 CVE-2003-0776 CVE-2003-0777 CVE-2003-0778 CVE-2017-6318 CVE-2020-12861  +8 more Upstream summary: saned in sane-backends 1.0.7 and earlier does not check the IP address of the connecting host […]

Read more
CHAT