Debian 12 Bookworm

Debian 12 — passenger — multiple vulnerabilities (6 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — passenger — multiple vulnerabilities (6 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2013-4136 CVE-2014-1831 CVE-2015-7519 CVE-2016-10345 CVE-2017-16355 CVE-2018-12029 Upstream summary: ext/common/ServerInstanceDir.h in Phusion Passenger gem before 4.0.6 for Ruby allows local users to gain privileges or possibly change the ownership […]

Read more
Debian 12 — node-qs — multiple vulnerabilities (6 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — node-qs — multiple vulnerabilities (6 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2014-10064 CVE-2014-7191 CVE-2022-24999 CVE-2025-15284 CVE-2026-2391 CVE-2026-8723 Upstream summary: The qs module before 1.0.0 does not have an option or default for specifying object depth and when parsing a […]

Read more
Debian 12 — kodi — multiple vulnerabilities (6 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — kodi — multiple vulnerabilities (6 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2015-3885 CVE-2017-5982 CVE-2017-8314 CVE-2021-42917 CVE-2023-23082 CVE-2023-30207 Upstream summary: Integer overflow in the ljpeg_start function in dcraw 7.00 and earlier allows remote attackers to cause a denial of service […]

Read more
Debian 12 — libass — multiple vulnerabilities (6 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — libass — multiple vulnerabilities (6 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2016-7969 CVE-2016-7970 CVE-2016-7972 CVE-2020-24994 CVE-2020-26682 CVE-2020-36430 Upstream summary: The wrap_lines_smart function in ass_render.c in libass before 0.13.4 allows remote attackers to cause a denial of service (out-of-bounds read) […]

Read more
Debian 12 — yaml-cpp — multiple vulnerabilities (6 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — yaml-cpp — multiple vulnerabilities (6 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2017-11692 CVE-2017-5950 CVE-2018-20573 CVE-2018-20574 CVE-2019-6285 CVE-2019-6292 Upstream summary: The function "Token& Scanner::peek" in scanner.cpp in yaml-cpp 0.5.3 and earlier allows remote attackers to cause a denial of service […]

Read more
Debian 12 — logback — multiple vulnerabilities (6 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — logback — multiple vulnerabilities (6 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2017-5929 CVE-2021-42550 CVE-2023-6378 CVE-2024-12798 CVE-2024-12801 CVE-2026-1225 Upstream summary: QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting the SocketServer and ServerSocketReceiver components. Table of contents Symptom & Impact […]

Read more
Debian 12 — procps — multiple vulnerabilities (6 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — procps — multiple vulnerabilities (6 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2018-1122 CVE-2018-1123 CVE-2018-1124 CVE-2018-1125 CVE-2018-1126 CVE-2023-4016 Upstream summary: procps-ng before version 3.3.15 is vulnerable to a local privilege escalation in top. If a user runs top with HOME […]

Read more
Debian 12 — nagios4 — multiple vulnerabilities (6 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — nagios4 — multiple vulnerabilities (6 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2018-13441 CVE-2018-13457 CVE-2018-13458 CVE-2018-18245 CVE-2020-13977 CVE-2020-35269 Upstream summary: qh_help in Nagios Core version 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attacker to […]

Read more
Debian 12 — cflow — multiple vulnerabilities (6 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — cflow — multiple vulnerabilities (6 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2019-16165 CVE-2019-16166 CVE-2020-23856 CVE-2023-2789 CVE-2025-8735 CVE-2025-8736 Upstream summary: GNU cflow through 1.6 has a use-after-free in the reference function in parser.c. Table of contents Symptom & Impact Environment […]

Read more
Debian 12 — libhx — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — libhx — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2010-2947 Upstream summary: Heap-based buffer overflow in the HX_split function in string.c in libHX before 3.6 allows remote attackers to execute arbitrary code or cause a denial of […]

Read more
CHAT