Debian 12 Bookworm

Debian 12 — fossil — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — fossil — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2017-17459 CVE-2020-24614 CVE-2021-36377 Upstream summary: http_transport.c in Fossil before 2.4, when the SSH sync protocol is used, allows user-assisted remote attackers to execute arbitrary commands via an ssh […]

Read more
Debian 12 — deluge — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — deluge — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2017-7178 CVE-2017-9031 CVE-2021-3427 Upstream summary: CSRF was discovered in the web UI in Deluge before 1.3.14. The exploitation methodology involves (1) hosting a crafted plugin that executes an […]

Read more
Debian 12 — phpunit — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — phpunit — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2017-9841 CVE-2026-24765 CVE-2026-41570 Upstream summary: Util/PHP/eval-stdin.php in PHPUnit before 4.8.28 and 5.x before 5.6.3 allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with […]

Read more
Debian 12 — guava-libraries — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — guava-libraries — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2018-10237 CVE-2020-8908 CVE-2023-2976 Upstream summary: Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that […]

Read more
Debian 12 — golang-github-gin-contrib-cors — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — golang-github-gin-contrib-cors — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2019-25211 Upstream summary: parseWildcardRules in Gin-Gonic CORS middleware before 1.6.0 mishandles a wildcard at the end of an origin string, e.g., https://example.community/* is allowed when the intention is […]

Read more
Debian 12 — evolution-ews — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — evolution-ews — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2019-3890 Upstream summary: It was discovered evolution-ews before 3.31.3 does not check the validity of SSL certificates. An attacker could abuse this flaw to get confidential information by […]

Read more
Debian 12 — pure-ftpd — multiple vulnerabilities (8 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — pure-ftpd — multiple vulnerabilities (8 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2004-0656 CVE-2011-0418 CVE-2011-1575 CVE-2019-20176 CVE-2020-9274 CVE-2020-9365 CVE-2021-40524 CVE-2024-48208 Upstream summary: The accept_client function in PureFTPd 1.0.18 and earlier allows remote attackers to cause a denial of service by […]

Read more
Debian 12 — socat — multiple vulnerabilities (8 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — socat — multiple vulnerabilities (8 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2004-1484 CVE-2010-2799 CVE-2012-0219 CVE-2013-3571 CVE-2014-0019 CVE-2015-1379 CVE-2016-2217 CVE-2024-54661 Upstream summary: Format string vulnerability in the _msg function in error.c in socat 1.4.0.3 and earlier, when used as an […]

Read more
Debian 12 — nbd — multiple vulnerabilities (8 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — nbd — multiple vulnerabilities (8 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2005-3534 CVE-2011-0530 CVE-2011-1925 CVE-2013-6410 CVE-2013-7441 CVE-2015-0847 CVE-2022-26495 CVE-2022-26496 Upstream summary: Buffer overflow in the Network Block Device (nbd) server 2.7.5 and earlier, and 2.8.0 through 2.8.2, allows remote […]

Read more
Debian 12 — shibboleth-sp — multiple vulnerabilities (8 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — shibboleth-sp — multiple vulnerabilities (8 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2009-3300 CVE-2009-3474 CVE-2009-3475 CVE-2009-3476 CVE-2019-19191 CVE-2021-28963 CVE-2021-31826 CVE-2025-9943 Upstream summary: Multiple cross-site scripting (XSS) vulnerabilities in the Identity Provider (IdP) 1.3.x before 1.3.4 and 2.x before 2.1.5, and […]

Read more
CHAT