Debian 12 Bookworm

Debian 12 — horizon — multiple vulnerabilities (19 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — horizon — multiple vulnerabilities (19 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2012-2094 CVE-2012-2144 CVE-2012-3540 CVE-2012-5474 CVE-2013-4471 CVE-2013-6858 CVE-2014-0157 CVE-2014-3473  +11 more Upstream summary: Cross-site scripting (XSS) vulnerability in the refresh mechanism in the log viewer in horizon/static/horizon/js/horizon.js in OpenStack […]

Read more
Debian 12 — qpdf — multiple vulnerabilities (19 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — qpdf — multiple vulnerabilities (19 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2015-9252 CVE-2017-11624 CVE-2017-11625 CVE-2017-11626 CVE-2017-11627 CVE-2017-12595 CVE-2017-18183 CVE-2017-18184  +11 more Upstream summary: An issue was discovered in QPDF before 7.0.0. Endless recursion causes stack exhaustion in QPDFTokenizer::resolveLiteral() in […]

Read more
Debian 12 — xbindkeys-config — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — xbindkeys-config — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2014-9513 Upstream summary: Insecure use of temporary files in xbindkeys-config 0.1.3-2 allows remote attackers to execute arbitrary code. Table of contents Symptom & Impact Environment & Reproduction Root […]

Read more
Debian 12 — lua-http — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — lua-http — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2023-4540 Upstream summary: Improper Handling of Exceptional Conditions vulnerability in Daurnimator lua-http library allows Excessive Allocation and a denial of service (DoS) attack to be executed by sending […]

Read more
Debian 12 — ganeti — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — ganeti — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2009-4261 CVE-2014-5247 CVE-2015-7944 CVE-2015-7945 Upstream summary: Multiple directory traversal vulnerabilities in the iallocator framework in Ganeti 1.2.4 through 1.2.8, 2.0.0 through 2.0.4, and 2.1.0 before 2.1.0~rc2 allow (1) […]

Read more
Debian 12 — dom4j — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — dom4j — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2018-1000632 CVE-2020-10683 Upstream summary: dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. Methods: addElement, addAttribute that can result in an attacker […]

Read more
Debian 12 — kgb — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — kgb — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2015-1192 Upstream summary: Absolute path traversal vulnerability in kgb 1.0b4 allows remote attackers to write to arbitrary files via a full pathname in a crafted archive. Table of […]

Read more
Debian 12 — libsdl2 — multiple vulnerabilities (18 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — libsdl2 — multiple vulnerabilities (18 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2017-2888 CVE-2019-13616 CVE-2019-13626 CVE-2019-7572 CVE-2019-7573 CVE-2019-7574 CVE-2019-7575 CVE-2019-7576  +10 more Upstream summary: An exploitable integer overflow vulnerability exists when creating a new RGB Surface in SDL 2.0.5. A […]

Read more
Debian 12 — jline3 — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — jline3 — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2023-50572 Upstream summary: An issue in the component GroovyEngine.execute of jline-groovy v3.24.1 allows attackers to cause an OOM (OutofMemory) error. Table of contents Symptom & Impact Environment & […]

Read more
Debian 12 — jose — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — jose — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2023-50967 Upstream summary: latchset jose through version 11 allows attackers to cause a denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value. Table of […]

Read more
CHAT