Debian 12 Bookworm

Debian 12 — encfs — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — encfs — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2010-3073 CVE-2010-3074 CVE-2010-3075 CVE-2014-3462 Upstream summary: SSL_Cipher.cpp in EncFS before 1.7.0 does not properly handle integer data sizes when constructing headers intended for randomization of initialization vectors, which […]

Read more
Debian 12 — thunar — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — thunar — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2018-18398 CVE-2021-32563 Upstream summary: Xfce Thunar 1.6.15, when Xfce 4.12 is used, mishandles the IBus-Unikey input method for file searches within File Manager, leading to an out-of-bounds read […]

Read more
Debian 12 — realmd — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — realmd — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2015-2704 Upstream summary: realmd allows remote attackers to inject arbitrary configurations in to sssd.conf and smb.conf via a newline character in an LDAP response. Table of contents Symptom […]

Read more
Debian 12 — libclamunrar — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — libclamunrar — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2012-6706 CVE-2019-1785 CVE-2019-1798 CVE-2023-40477 Upstream summary: A VMSF_DELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other […]

Read more
Debian 12 — node-set-value — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — node-set-value — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2019-10747 CVE-2021-23440 Upstream summary: set-value is vulnerable to Prototype Pollution in versions lower than 3.0.1. The function mixin-deep could be tricked into adding or modifying properties of Object.prototype […]

Read more
Debian 12 — sane-backends — multiple vulnerabilities (16 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — sane-backends — multiple vulnerabilities (16 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2003-0773 CVE-2003-0774 CVE-2003-0775 CVE-2003-0776 CVE-2003-0777 CVE-2003-0778 CVE-2017-6318 CVE-2020-12861  +8 more Upstream summary: saned in sane-backends 1.0.7 and earlier does not check the IP address of the connecting host […]

Read more
Debian 12 — djoser — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — djoser — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2024-21543 Upstream summary: Versions of the package djoser before 2.3.0 are vulnerable to Authentication Bypass when the authenticate() function fails. This is because the system falls back to […]

Read more
Debian 12 — python-keystonemiddleware — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — python-keystonemiddleware — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2014-7144 CVE-2015-1852 CVE-2015-7546 CVE-2022-2447 Upstream summary: OpenStack keystonemiddleware (formerly python-keystoneclient) 0.x before 0.11.0 and 1.x before 1.2.0 disables certification verification when the "insecure" option is set in a […]

Read more
CHAT