Debian 12 Bookworm

Debian 12 — rtpengine — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — rtpengine — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2025-53399 Upstream summary: In Sipwise rtpengine before 13.4.1.1, an origin-validation error in the endpoint-learning logic of the media-relay core allows remote attackers to inject or intercept RTP/SRTP media […]

Read more
Debian 12 — node-tmp — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — node-tmp — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2025-54798 Upstream summary: tmp is a temporary file and directory creator for node.js. In versions 0.2.3 and below, tmp is vulnerable to an arbitrary temporary file / directory […]

Read more
Debian 12 — iniparser — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — iniparser — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2023-33461 CVE-2025-0633 Upstream summary: iniparser v4.1 is vulnerable to NULL Pointer Dereference in function iniparser_getlongint which misses check NULL for function iniparser_getstring's return. Table of contents Symptom & […]

Read more
Debian 12 — rust-tracing-subscriber — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — rust-tracing-subscriber — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2025-58160 Upstream summary: tracing is a framework for instrumenting Rust programs to collect structured, event-based diagnostic information. Prior to version 0.3.20, tracing-subscriber was vulnerable to ANSI escape sequence […]

Read more
Debian 12 — node-ip — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — node-ip — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2023-42282 CVE-2024-29415 Upstream summary: The ip package before 1.1.9 for Node.js might allow SSRF because some IP addresses (such as 0x7f.1) are improperly categorized as globally routable via […]

Read more
Debian 12 — profanity — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — profanity — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2017-5592 Upstream summary: An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's […]

Read more
Debian 12 — netpbm-free — multiple vulnerabilities (11 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — netpbm-free — multiple vulnerabilities (11 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2003-0146 CVE-2003-0924 CVE-2005-2471 CVE-2005-2978 CVE-2005-3632 CVE-2005-3662 CVE-2008-0554 CVE-2009-4274  +3 more Upstream summary: Multiple vulnerabilities in NetPBM 9.20 and earlier, and possibly other versions, may allow remote attackers to […]

Read more
Debian 12 — aiomysql — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — aiomysql — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2025-62611 Upstream summary: aiomysql is a library for accessing a MySQL database from the asyncio. Prior to version 0.3.0, the client-side settings are not checked before sending local […]

Read more
Debian 12 — djbdns — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — djbdns — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2008-4392 CVE-2009-0858 CVE-2012-1191 Upstream summary: dnscache in Daniel J. Bernstein djbdns 1.05 does not prevent simultaneous identical outbound DNS queries, which makes it easier for remote attackers to […]

Read more
Debian 12 — golang-gopkg-square-go-jose.v2 — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — golang-gopkg-square-go-jose.v2 — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2024-28180 CVE-2026-34986 Upstream summary: Package jose aims to provide an implementation of the Javascript Object Signing and Encryption set of standards. An attacker could send a JWE containing […]

Read more
CHAT