Debian 12 Bookworm

Debian 12 — libgcrypt20 — multiple vulnerabilities (15 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — libgcrypt20 — multiple vulnerabilities (15 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2014-3591 CVE-2014-5270 CVE-2015-0837 CVE-2015-7511 CVE-2016-6313 CVE-2017-0379 CVE-2017-7526 CVE-2017-9526  +7 more Upstream summary: Libgcrypt before 1.6.3 and GnuPG before 1.4.19 does not implement ciphertext blinding for Elgamal decryption, which […]

Read more
Debian 12 — gnuplot — multiple vulnerabilities (15 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — gnuplot — multiple vulnerabilities (15 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2017-9670 CVE-2018-19490 CVE-2018-19491 CVE-2018-19492 CVE-2020-25412 CVE-2020-25559 CVE-2020-25969 CVE-2021-44917  +7 more Upstream summary: An uninitialized stack variable vulnerability in load_tic_series() in set.c in gnuplot 5.2.rc1 allows an attacker to […]

Read more
Debian 12 — msgpuck — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — msgpuck — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2016-9036 Upstream summary: An exploitable incorrect return value vulnerability exists in the mp_check function of Tarantool's Msgpuck library 1.0.3. A specially crafted packet can cause the mp_check function […]

Read more
Debian 12 — node-got — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — node-got — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2021-33502 CVE-2022-33987 Upstream summary: The normalize-url package before 4.5.1, 5.x before 5.3.1, and 6.x before 6.0.1 for Node.js has a ReDoS (regular expression denial of service) issue because […]

Read more
Debian 12 — ansible-runner — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — ansible-runner — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2021-3701 CVE-2021-4041 Upstream summary: A flaw was found in ansible-runner where the default temporary files configuration in ansible-2.0.0 are written to world R/W locations. This flaw allows an […]

Read more
Debian 12 — libdata-entropy-perl — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — libdata-entropy-perl — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2025-1860 Upstream summary: Data::Entropy for Perl 0.007 and earlier use the rand() function as the default source of entropy, which is not cryptographically secure, for cryptographic functions. Table of contents […]

Read more
Debian 12 — evince — multiple vulnerabilities (14 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — evince — multiple vulnerabilities (14 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2006-5864 CVE-2010-2640 CVE-2010-2641 CVE-2010-2642 CVE-2010-2643 CVE-2011-0433 CVE-2011-5244 CVE-2013-3718  +6 more Upstream summary: Stack-based buffer overflow in the ps_gettext function in ps.c for GNU gv 3.6.2, and possibly earlier […]

Read more
Debian 12 — yadm — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — yadm — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2017-11353 Upstream summary: yadm (yet another dotfile manager) 1.10.0 has a race condition (related to the behavior of git commands in setting permissions for new files and directories), […]

Read more
Debian 12 — libpf4j-java — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — libpf4j-java — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2023-40826 CVE-2023-40827 CVE-2023-40828 CVE-2025-70952 Upstream summary: An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the […]

Read more
Debian 12 — glances — multiple vulnerabilities (14 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — glances — multiple vulnerabilities (14 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2021-23418 CVE-2026-32596 CVE-2026-32608 CVE-2026-32609 CVE-2026-32610 CVE-2026-32611 CVE-2026-32632 CVE-2026-32633  +6 more Upstream summary: The package glances before 3.2.1 are vulnerable to XML External Entity (XXE) Injection via the use […]

Read more
CHAT