Debian 12 — fossil — multiple vulnerabilities (3 CVEs) — patch and remediation guide
🟡 Medium ⏱ 10–30 min Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read • Source: Debian Security Tracker Related CVEs: CVE-2017-17459 CVE-2020-24614 CVE-2021-36377 Upstream summary: http_transport.c in Fossil before 2.4, when the SSH sync protocol is used, allows user-assisted remote attackers to execute arbitrary commands via an ssh […]