Debian 12 Bookworm

Debian 12 — mxml — multiple vulnerabilities (7 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — mxml — multiple vulnerabilities (7 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2016-4570 CVE-2016-4571 CVE-2018-20004 CVE-2018-20005 CVE-2018-20592 CVE-2018-20593 CVE-2026-5037 Upstream summary: The mxmlDelete function in mxml-node.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial […]

Read more
Debian 12 — netdata — multiple vulnerabilities (7 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — netdata — multiple vulnerabilities (7 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2018-18836 CVE-2018-18837 CVE-2018-18838 CVE-2018-18839 CVE-2019-9834 CVE-2023-22496 CVE-2023-22497 Upstream summary: An issue was discovered in Netdata 1.10.0. JSON injection exists via the api/v1/data tqx parameter because of web_client_api_request_v1_data in […]

Read more
Debian 12 — gvfs — multiple vulnerabilities (7 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — gvfs — multiple vulnerabilities (7 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2019-12447 CVE-2019-12448 CVE-2019-12449 CVE-2019-12795 CVE-2019-3827 CVE-2026-28295 CVE-2026-28296 Upstream summary: An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c mishandles file ownership because setfsuid is not used. […]

Read more
Debian 12 — slic3r — multiple vulnerabilities (7 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — slic3r — multiple vulnerabilities (7 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2020-28590 CVE-2020-28591 CVE-2021-44961 CVE-2021-44962 CVE-2021-45846 CVE-2021-45847 CVE-2022-36788 Upstream summary: An out-of-bounds read vulnerability exists in the Obj File TriangleMesh::TriangleMesh() functionality of Slic3r libslic3r 1.3.0 and Master Commit 92abbc42. […]

Read more
Debian 12 — caddy — multiple vulnerabilities (7 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — caddy — multiple vulnerabilities (7 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2022-28923 CVE-2026-27585 CVE-2026-27586 CVE-2026-27587 CVE-2026-27588 CVE-2026-27589 CVE-2026-27590 Upstream summary: Caddy v2.4.6 was discovered to contain an open redirection vulnerability which allows attackers to redirect users to phishing websites […]

Read more
Debian 12 — node-webfont — multiple vulnerabilities (7 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — node-webfont — multiple vulnerabilities (7 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2023-26920 CVE-2026-25896 CVE-2026-26278 CVE-2026-27942 CVE-2026-33036 CVE-2026-33349 CVE-2026-41650 Upstream summary: fast-xml-parser before 4.1.2 allows __proto__ for Prototype Pollution. Table of contents Symptom & Impact Environment & Reproduction Root Cause […]

Read more
Debian 12 — lynx — multiple vulnerabilities (6 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — lynx — multiple vulnerabilities (6 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2002-1405 CVE-2004-1617 CVE-2005-3120 CVE-2016-9179 CVE-2017-1000211 CVE-2021-38165 Upstream summary: CRLF injection vulnerability in Lynx 2.8.4 and earlier allows remote attackers to inject false HTTP headers into an HTTP request […]

Read more
Debian 12 — zint — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — zint — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2021-27799 Upstream summary: ean_leading_zeroes in backend/upcean.c in Zint Barcode Generator 2.9.1 has a stack-based buffer overflow that is reachable from the C API through an application that includes […]

Read more
Debian 12 — mpmath — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — mpmath — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2021-29063 Upstream summary: A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in Mpmath v1.0.0 through v1.2.1 when the mpmathify function is called. Table of contents Symptom […]

Read more
CHAT