Debian 12 Bookworm

Debian 12 — libcgi-simple-perl — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — libcgi-simple-perl — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2010-2761 CVE-2010-4410 CVE-2010-4411 CVE-2025-40927 Upstream summary: The multipart_init function in (1) CGI.pm before 3.50 and (2) Simple.pm in CGI::Simple 1.112 and earlier uses a hardcoded value of the […]

Read more
Debian 12 — python-marshmallow — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — python-marshmallow — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2018-17175 CVE-2025-68480 Upstream summary: In the marshmallow library before 2.15.1 and 3.x before 3.0.0b9 for Python, the schema "only" option treats an empty list as implying no "only" […]

Read more
Debian 12 — ruby-http — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — ruby-http — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2015-1828 Upstream summary: The Ruby http gem before 0.7.3 does not verify hostnames in SSL connections, which might allow remote attackers to obtain sensitive information via a man-in-the-middle-attack. […]

Read more
Debian 12 — open-vm-tools — multiple vulnerabilities (17 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — open-vm-tools — multiple vulnerabilities (17 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2009-1142 CVE-2009-1143 CVE-2011-1681 CVE-2011-1787 CVE-2011-2145 CVE-2011-2146 CVE-2013-3237 CVE-2014-4199  +9 more Upstream summary: An issue was discovered in open-vm-tools 2009.03.18-154848. Local users can gain privileges via a symlink attack […]

Read more
Debian 12 — php-horde-kronolith — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — php-horde-kronolith — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2012-6620 CVE-2013-6365 CVE-2017-16906 CVE-2017-16908 Upstream summary: Multiple cross-site scripting (XSS) vulnerabilities in the (1) tasks and (2) search views in Horde Kronolith H4 before 3.0.17 allow remote attackers […]

Read more
Debian 12 — libapache2-mod-auth-openidc — multiple vulnerabilities (17 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — libapache2-mod-auth-openidc — multiple vulnerabilities (17 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2017-6059 CVE-2017-6062 CVE-2017-6413 CVE-2019-1010247 CVE-2019-14857 CVE-2019-20479 CVE-2021-20718 CVE-2021-32785  +9 more Upstream summary: Mod_auth_openidc.c in the Ping Identity OpenID Connect authentication module for Apache (aka mod_auth_openidc) before 2.14 allows […]

Read more
Debian 12 — easy-rsa — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — easy-rsa — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2024-13454 Upstream summary: Weak encryption algorithm in Easy-RSA version 3.0.5 through 3.1.7 allows a local attacker to more easily bruteforce the private CA key when created using OpenSSL […]

Read more
Debian 12 — connman — multiple vulnerabilities (16 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — connman — multiple vulnerabilities (16 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2012-2320 CVE-2012-2321 CVE-2012-2322 CVE-2012-6459 CVE-2017-12865 CVE-2021-26675 CVE-2021-26676 CVE-2021-33833  +8 more Upstream summary: ConnMan before 0.85 does not ensure that netlink messages originate from the kernel, which allows remote […]

Read more
CHAT