Debian 12 Bookworm

Debian 12 — libunivalue — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — libunivalue — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2019-18936 Upstream summary: UniValue::read() in UniValue before 1.0.5 allow attackers to cause a denial of service (the class internal data reaches an inconsistent state) via input data that […]

Read more
Debian 12 — libspiro — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — libspiro — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2019-19847 Upstream summary: Libspiro through 20190731 has a stack-based buffer overflow in the spiro_to_bpath0() function in spiro.c. Table of contents Symptom & Impact Environment & Reproduction Root Cause […]

Read more
Debian 12 — ndpi — multiple vulnerabilities (9 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — ndpi — multiple vulnerabilities (9 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2020-11939 CVE-2020-11940 CVE-2020-15471 CVE-2020-15472 CVE-2020-15473 CVE-2020-15474 CVE-2020-15475 CVE-2020-15476  +1 more Upstream summary: In nDPI through 3.2 Stable, the SSH protocol dissector has multiple KEXINIT integer overflows that result […]

Read more
Debian 12 — python-authlib — multiple vulnerabilities (9 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — python-authlib — multiple vulnerabilities (9 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2024-37568 CVE-2025-59420 CVE-2025-61920 CVE-2025-62706 CVE-2025-68158 CVE-2026-27962 CVE-2026-28490 CVE-2026-28498  +1 more Upstream summary: lepture Authlib before 1.3.1 has algorithm confusion with asymmetric public keys. Unless an algorithm is specified […]

Read more
Debian 12 — sysstat — multiple vulnerabilities (8 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — sysstat — multiple vulnerabilities (8 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2004-0107 CVE-2004-0108 CVE-2018-19416 CVE-2018-19517 CVE-2019-16167 CVE-2019-19725 CVE-2022-39377 CVE-2023-33204 Upstream summary: The (1) post and (2) trigger scripts in sysstat 4.0.7 and earlier allow local users to overwrite arbitrary […]

Read more
Debian 12 — mpop — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — mpop — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2019-8337 Upstream summary: In msmtp 1.8.2 and mpop 1.4.3, when tls_trust_file has its default configuration, certificate-verification results are not properly checked. Table of contents Symptom & Impact Environment […]

Read more
Debian 12 — timeshift — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — timeshift — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2020-10174 Upstream summary: init_tmp in TeeJee.FileSystem.vala in Timeshift before 20.03 unsafely reuses a preexisting temporary directory in the predictable location /tmp/timeshift. It follows symlinks in this location or […]

Read more
Debian 12 — weex — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — weex — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2005-3150 Upstream summary: Format string vulnerability in the Log_Flush function in Weex 2.6.1.5, 2.6.1, and possibly other versions allows remote FTP servers to execute arbitrary code via format […]

Read more
Debian 12 — sabnzbdplus — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — sabnzbdplus — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2020-13124 CVE-2021-29488 CVE-2023-34237 Upstream summary: SABnzbd 2.3.9 and 3.0.0Alpha2 has a command injection vulnerability in the web configuration interface that permits an authenticated user to execute arbitrary Python […]

Read more
Debian 12 — tpm2-tss — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — tpm2-tss — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2020-24455 CVE-2023-22745 CVE-2024-29040 Upstream summary: Missing initialization of a variable in the TPM2 source may allow a privileged user to potentially enable an escalation of privilege via local […]

Read more
CHAT