Debian 13 Trixie

Debian 13 — libyang — multiple vulnerabilities (18 CVEs) — patch and remediation guide — diagnosis and fix on Debian 13

Debian 13 — libyang — multiple vulnerabilities (18 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2019-19333 CVE-2019-19334 CVE-2019-20391 CVE-2019-20392 CVE-2019-20393 CVE-2019-20394 CVE-2019-20395 CVE-2019-20396  +10 more Upstream summary: In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way […]

Read more
Debian 13 — python-bottle — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on Debian 13

Debian 13 — python-bottle — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2014-3137 CVE-2016-9964 CVE-2020-28473 CVE-2022-31799 Upstream summary: Bottle 0.10.x before 0.10.12, 0.11.x before 0.11.7, and 0.12.x before 0.12.6 does not properly limit content types, which allows remote attackers to […]

Read more
Debian 13 — lz4 — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on Debian 13

Debian 13 — lz4 — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2014-4611 CVE-2014-4715 CVE-2019-17543 CVE-2021-3520 Upstream summary: Integer overflow in the LZ4 algorithm implementation, as used in Yann Collet LZ4 before r118 and in the lz4_uncompress function in lib/lz4/lz4_decompress.c […]

Read more
Debian 13 — gst-rtsp-server1.0 — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Debian 13

Debian 13 — gst-rtsp-server1.0 — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2020-6095 CVE-2024-44331 Upstream summary: An exploitable denial of service vulnerability exists in the GstRTSPAuth functionality of GStreamer/gst-rtsp-server 1.14.5. A specially crafted RTSP setup request can cause a null […]

Read more
Debian 13 — libtirpc — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on Debian 13

Debian 13 — libtirpc — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2016-4429 CVE-2017-8779 CVE-2018-14622 CVE-2021-46828 Upstream summary: Stack-based buffer overflow in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) allows remote servers to […]

Read more
Debian 13 — golang-gopkg-square-go-jose.v1 — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on Debian 13

Debian 13 — golang-gopkg-square-go-jose.v1 — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2016-9121 CVE-2016-9122 CVE-2016-9123 CVE-2026-34986 Upstream summary: go-jose before 1.0.4 suffers from an invalid curve attack for the ECDH-ES algorithm. When deriving a shared key using ECDH-ES for an […]

Read more
Debian 13 — libffi — vulnerability — patch and remediation guide — diagnosis and fix on Debian 13

Debian 13 — libffi — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 13 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2017-1000376 Upstream summary: libffi requests an executable stack allowing attackers to more easily trigger arbitrary code execution by overwriting the stack. Please note that libffi is used by a […]

Read more
Debian 13 — ruby-haml — vulnerability — patch and remediation guide — diagnosis and fix on Debian 13

Debian 13 — ruby-haml — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 13 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2017-1002201 Upstream summary: In haml versions prior to version 5.0.0.beta.2, when using user input to perform tasks on the server, characters like < > " ' must be escaped […]

Read more
Debian 13 — juce — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Debian 13

Debian 13 — juce — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2021-23520 CVE-2021-23521 Upstream summary: The package juce-framework/juce before 6.1.5 are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) via the ZipFile::uncompressEntry function in juce_ZipFile.cpp. This vulnerability […]

Read more
CHAT