Package Management

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2020-25573 Upstream summary: An issue was discovered in the linked-hash-map crate before 0.5.3 for Rust. It creates an uninitialized NonNull pointer, which violates a non-null constraint. Table of […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2008-5824 CVE-2015-7747 CVE-2017-6827 CVE-2017-6828 CVE-2017-6829 CVE-2017-6830 CVE-2017-6831 CVE-2017-6832  +12 more Upstream summary: Heap-based buffer overflow in msadpcm.c in libaudiofile in audiofile 0.2.6 allows context-dependent attackers to cause a […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 9 (stretch) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2020-12243 Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis Quick Triage Step-by-Step Diagnosis Solution – Primary Fix Solution – Alternative Approaches Verification & Acceptance […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2004-1000 CVE-2009-4013 CVE-2009-4014 CVE-2009-4015 CVE-2013-1429 CVE-2017-8829 Upstream summary: lintian 1.23 and earlier removes the working directory even if it was not created by lintian, which may allow local […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2006-0053 CVE-2007-2459 CVE-2008-1928 CVE-2024-53901 CVE-2026-8669 Upstream summary: Imager (libimager-perl) before 0.50 allows user-assisted attackers to cause a denial of service (segmentation fault) by writing a 2- or 4-channel […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2016-5410 CVE-2026-4948 Upstream summary: firewalld.py in firewalld before 0.4.3.3 allows local users to bypass authentication and modify firewall configurations via the (1) addPassthrough, (2) removePassthrough, (3) addEntry, (4) […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2016-5397 CVE-2018-11798 CVE-2019-0205 CVE-2019-0210 CVE-2020-13949 CVE-2025-48431 CVE-2026-41602 CVE-2026-41603  +8 more Upstream summary: The Apache Thrift Go client library exposed the potential during code generation for command injection due […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2022-24300 CVE-2022-24301 CVE-2022-35978 Upstream summary: Minetest before 5.4.0 allows attackers to add or modify arbitrary meta fields of the same item stack as saved user input, aka ItemStack […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2004-0103 CVE-2006-0045 CVE-2020-11722 Upstream summary: crawl before 4.0.0 beta23 does not properly "apply a size check" when copying a certain environment variable, which may allow local users to […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2022-1227 Upstream summary: A privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious image to a public registry. Once this image […]