Debian 12 Bookworm

Debian 12 — node-webpack — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

🟡 Medium  •  ⏱ 10–30 min  •  Last verified: 25 May 2026  •  Affected versions: Debian 12 (bookworm)  •  📖 ~4 min read  •  Source: Debian Security Tracker
Related CVEs: CVE-2023-28154, CVE-2024-43788, CVE-2025-68157, CVE-2025-68458
Upstream summary: Webpack 5 before 5.76.0 does not avoid cross-realm object access. ImportParserPlugin.js mishandles the magic comment feature. An attacker who controls a property […]

Debian 12 — recutils — multiple vulnerabilities (14 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

🟠 High  •  ⏱ 15–60 min  •  Last verified: 25 May 2026  •  Affected versions: Debian 12 (bookworm)  •  📖 ~4 min read  •  Source: Debian Security Tracker
Related CVEs: CVE-2019-11637, CVE-2019-11638, CVE-2019-11639, CVE-2019-11640, CVE-2019-6455, CVE-2019-6456, CVE-2019-6457, CVE-2019-6458, +6 more
Upstream summary: An issue was discovered in GNU recutils 1.8. There is a NULL pointer dereference in the […]

Debian 12 — mydumper — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

🟢 Low  •  ⏱ 5–15 min  •  Last verified: 25 May 2026  •  Affected versions: Debian 12 (bookworm)  •  📖 ~4 min read  •  Source: Debian Security Tracker
Related CVEs: CVE-2025-30224
Upstream summary: MyDumper is a MySQL Logical Backup Tool. The MySQL C client library (libmysqlclient) allows authenticated remote actors to read arbitrary files from client systems via […]

Debian 12 — libmetadata-extractor-java — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

🟢 Low  •  ⏱ 5–15 min  •  Last verified: 25 May 2026  •  Affected versions: Debian 12 (bookworm)  •  📖 ~4 min read  •  Source: Debian Security Tracker
Related CVEs: CVE-2022-24613, CVE-2022-24614
Upstream summary: metadata-extractor up to 2.16.0 can throw various uncaught exceptions while parsing a specially crafted JPEG file, which could result in an application crash. This […]

Debian 12 — cinder — multiple vulnerabilities (13 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

🟠 High  •  ⏱ 15–60 min  •  Last verified: 25 May 2026  •  Affected versions: Debian 12 (bookworm)  •  📖 ~4 min read  •  Source: Debian Security Tracker
Related CVEs: CVE-2013-1068, CVE-2013-1664, CVE-2013-4183, CVE-2013-4202, CVE-2014-3641, CVE-2014-7230, CVE-2015-1851, CVE-2015-5162, +5 more
Upstream summary: The OpenStack Nova (python-nova) package 1:2013.2.3-0 before 1:2013.2.3-0ubuntu1.2 and 1:2014.1-0 before 1:2014.1-0ubuntu1.2 and OpenStack Cinder (python-cinder) […]

Debian 12 — node-sanitize-html — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

🟢 Low  •  ⏱ 5–15 min  •  Last verified: 25 May 2026  •  Affected versions: Debian 12 (bookworm)  •  📖 ~4 min read  •  Source: Debian Security Tracker
Related CVEs: CVE-2022-25887, CVE-2024-21501
Upstream summary: The package sanitize-html before 2.7.1 is vulnerable to Regular Expression Denial of Service (ReDoS) due to insecure global regular expression replacement logic of HTML […]

Debian 12 — ohcount — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

🟢 Low  •  ⏱ 5–15 min  •  Last verified: 25 May 2026  •  Affected versions: Debian 12 (bookworm)  •  📖 ~4 min read  •  Source: Debian Security Tracker
Related CVEs: CVE-2017-16926
Upstream summary: Ohcount 3.0.0 is prone to a command injection via specially crafted filenames containing shell metacharacters, which can be exploited by an attacker (providing a source […]

Debian 12 — catdoc — multiple vulnerabilities (12 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

🟠 High  •  ⏱ 15–60 min  •  Last verified: 25 May 2026  •  Affected versions: Debian 12 (bookworm)  •  📖 ~4 min read  •  Source: Debian Security Tracker
Related CVEs: CVE-2003-0193, CVE-2017-11110, CVE-2018-20451, CVE-2018-20453, CVE-2019-7156, CVE-2019-7233, CVE-2023-31979, CVE-2023-41633, +4 more
Upstream summary: msxlsview.sh in xlsview for catdoc 0.91 and earlier allows local users to overwrite arbitrary files via […]

Debian 12 — libcpanel-json-xs-perl — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

🟢 Low  •  ⏱ 5–15 min  •  Last verified: 25 May 2026  •  Affected versions: Debian 12 (bookworm)  •  📖 ~4 min read  •  Source: Debian Security Tracker
Related CVEs: CVE-2022-48623, CVE-2025-40929
Upstream summary: The Cpanel::JSON::XS package before 4.33 for Perl performs out-of-bounds accesses in a way that allows attackers to obtain sensitive information or cause a denial […]
