Fix Prevention

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2021-23418 CVE-2026-30928 CVE-2026-32596 CVE-2026-32608 CVE-2026-32609 CVE-2026-32610 CVE-2026-32611 CVE-2026-32632  +7 more Upstream summary: The package glances before 3.2.1 are vulnerable to XML External Entity (XXE) Injection via the use […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2002-1216 CVE-2005-1918 CVE-2005-2541 CVE-2006-0300 CVE-2006-6097 CVE-2007-4131 CVE-2007-4476 CVE-2010-0624  +7 more Upstream summary: GNU tar 1.13.19 and other versions before 1.13.25 allows remote attackers to overwrite arbitrary files via […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2022-46175 Upstream summary: JSON5 is an extension to the popular JSON file format that aims to be easier to write and maintain by hand (e.g. for config files). […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 13 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2022-31081 Upstream summary: HTTP::Daemon is a simple http server class written in perl. Versions prior to 6.15 are subject to a vulnerability which could potentially be exploited to gain […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2013-4184 Upstream summary: Perl module Data::UUID from CPAN version 1.219 vulnerable to symlink attacks Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis Quick Triage […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2007-4321 CVE-2009-0362 CVE-2009-5023 CVE-2012-5642 CVE-2013-2178 CVE-2013-7176 CVE-2013-7177 CVE-2021-32749 Upstream summary: fail2ban 0.8 and earlier does not properly parse sshd log files, which allows remote attackers to add arbitrary […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2020-7769 CVE-2021-23400 CVE-2025-13033 CVE-2025-14874 Upstream summary: This affects the package nodemailer before 6.4.16. Use of crafted recipient email addresses may result in arbitrary command flag injection in sendmail […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2021-32862 CVE-2026-39378 Upstream summary: The GitHub Security Lab discovered sixteen ways to exploit a cross-site scripting vulnerability in nbconvert. When using nbconvert to generate an HTML version of […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 13 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2017-2592 Upstream summary: python-oslo-middleware before versions 3.8.1, 3.19.1, 3.23.1 is vulnerable to an information disclosure. Software using the CatchError class could include sensitive values in a traceback's error message. […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2011-2684 Upstream summary: foo2zjs before 20110722dfsg-3ubuntu1 as packaged in Ubuntu, 20110722dfsg-1 as packaged in Debian unstable, and 20090908dfsg-5.1+squeeze0 as packaged in Debian squeeze create temporary files insecurely, which […]